46e7b523990679911dd65daa6eb65a6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46e7b523990679911dd65daa6eb65a6f_JaffaCakes118
Size

29KB
MD5

46e7b523990679911dd65daa6eb65a6f
SHA1

702d24647014c52b6ae6a91b5f867482bee6b360
SHA256

38e342e7b37a24da2e1284430ca63f63c79446c194207a35e56b257c0421b87b
SHA512

e0d5e15bf2eacdebd9e8ebf81bd84f21eba927cdf6db7a168500711786c09dd1a315fb759e46dc56fc39713b56db1fcc4e418df0d28d018232585780ce300c26
SSDEEP

384:3UIX5F2pJepHV9KWY51BWJWZigT9eI5FTk8pm5WaQwxtZ4C:EaLwRW/x89eeS8u3tZ4C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46e7b523990679911dd65daa6eb65a6f_JaffaCakes118

Files

46e7b523990679911dd65daa6eb65a6f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

e22c6c63ebd5186f9eea34fd49353080

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetCommandLineW
ExitProcess

opengl32

glScaled

ntdll

NtCurrentTeb

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ