479d49c1c70f82ffee4b734bd25621fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

479d49c1c70f82ffee4b734bd25621fb_JaffaCakes118
Size

176KB
MD5

479d49c1c70f82ffee4b734bd25621fb
SHA1

fc66a40ea26d4439172ec3bec3c92cb5932eb833
SHA256

f63a5a2c6b7d199015597ca2da1f6f98d74930352181f9ea8d86e4db88169ff4
SHA512

1263510d5461d5782c26c22480c4a216870a0571aa7d53cef3779fe24dff40e79ca5a506dcc843efcb00e041bd719a169a87bea691924192606d815548739a23
SSDEEP

3072:/BXLVMhsx5FwYi5PgAp2DMelYBFeM4FcCG7TCnp5cvLi22yT:/BXLUI5i5PgFMwAcM4RG7TTvL32yT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
479d49c1c70f82ffee4b734bd25621fb_JaffaCakes118

Files

479d49c1c70f82ffee4b734bd25621fb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

529eec90942b849c7b88958663d3d3ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
SetLastError

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ