4beaa1c7864b7879faa43540fd88237d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4beaa1c7864b7879faa43540fd88237d_JaffaCakes118
Size

141KB
MD5

4beaa1c7864b7879faa43540fd88237d
SHA1

6d742da7ede55fc278a8cac491a482710aa8d7ed
SHA256

ee01c440f90ebe8c07e703ef82ed4cfa66cc1f2a4c61397d0ad86bde29d8c194
SHA512

39cd5b92d4ffbe9d79ef4078eac31010c0555da8f5525c60817986fc0eb30fad167825ec4b9ff7fb98ce34c6cff08bd24df519e6b4bc10ad58f6579a8faf79dc
SSDEEP

3072:gSthl9JE6tBlb0PFvlhxe/ZJV/1qR7CKhtTOcLPpDzcQ4ceS3Ca:BO6tBt0PF9mJVdq3DOePmQ4c/r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4beaa1c7864b7879faa43540fd88237d_JaffaCakes118

Files

4beaa1c7864b7879faa43540fd88237d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oh4yfo9w
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

obx0bb.h
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ta.sspzc
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

u9t1dxt7
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ