467f321344229c08230fae0621a112fa_JaffaCakes118 | Triage

Sharing

General

Target

467f321344229c08230fae0621a112fa_JaffaCakes118
Size

83KB
MD5

467f321344229c08230fae0621a112fa
SHA1

ba65a3a0ecdc30d71ce151b6a55b750581f5bb81
SHA256

c6329764795d38d5edc92d26baa767dd34b0ea1c81047f47a7cc57cec542716a
SHA512

f6a47c1e40ea73f096d1ea9af2d4b6615c61c18db1032887824dcad13cbf0ca9e2a63443ea8b124aa515af1131d128a9ab67ebbf20756f7c4ddd306063b47d49
SSDEEP

1536:DxEzrd8vE4/qP9eEBFQLhTs+4Rf7ZqmsPSUgAzK4RDH9O91A9dh09:DxEzrdN8qP9f6u5Rf74Y0ztDH9O91Chs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
467f321344229c08230fae0621a112fa_JaffaCakes118

Files

467f321344229c08230fae0621a112fa_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

282b7f2e51b648f2488a40a8fe9faf48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateTimerQueueTimer
FormatMessageA
LoadLibraryExA
GetProcAddress
GlobalUnWire
GetEnvironmentStrings

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Nononon
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 79KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ