5a230ed7bb6516a222151e1d445119e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a230ed7bb6516a222151e1d445119e8_JaffaCakes118
Size

179KB
MD5

5a230ed7bb6516a222151e1d445119e8
SHA1

b0f6848361a85fb06f525dfed9a8c60a66c95414
SHA256

e92e3963979db8fd6ff32b846233b5a27bfc7100f871aac1bb95c7df5b6db559
SHA512

39933ebd8852e29cb1d31bfca4edbe5edf421659d7cfe3e376f7202d833cf58bec4ebd3bbc7164c96bced537901e883d49e28602650e89e8ce5f423ddd899473
SSDEEP

3072:JsdGIHG5KOzB3+2tjSc9bwD5eLYNREzX4XUTiOCejkc3OzTvAT:WVS1RtjSc05mE6zXNTiOV3O3vAT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a230ed7bb6516a222151e1d445119e8_JaffaCakes118

Files

5a230ed7bb6516a222151e1d445119e8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

529eec90942b849c7b88958663d3d3ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
SetLastError

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ