5b9ef58e0ef4ee44f92920038120220d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b9ef58e0ef4ee44f92920038120220d_JaffaCakes118
Size

41KB
MD5

5b9ef58e0ef4ee44f92920038120220d
SHA1

3b2063c88cd8cb9354a3a8e681dfd667c209dd3f
SHA256

6eb0ee648fba4bc832bdc405550fe8fcfb1ecb5d853f3191aa723245c3b753f6
SHA512

bc98c821be4dc470e7fce573e8457224a33d68594699784282bd5a75cc53a3a0c900c1cacab8c019058c1c38b0d8c866a9d1bffc8a260b0af4f0ed0c879ae43e
SSDEEP

768:WqdGOe3FYknsN5KPgkXyuJjFXmbkWm3pGVWNGbhpalSz066X0ZtvsgMIGb:W00sufyyWbSGVWChpaI4L0Z+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b9ef58e0ef4ee44f92920038120220d_JaffaCakes118

Files

5b9ef58e0ef4ee44f92920038120220d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d0e287eaee2556951fd1c6b53e74e997

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

FreeSid

oleaut32

SysFreeString

user32

CharNextA

wsock32

send

Exports

Exports

DLLCanUnloadNow
DLLGetClassObject
DLLRegisterServer
DLLUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE