5c2280311adf6493b89cbbb1851f35ea_JaffaCakes118 | Triage

Sharing

General

Target

5c2280311adf6493b89cbbb1851f35ea_JaffaCakes118
Size

57KB
MD5

5c2280311adf6493b89cbbb1851f35ea
SHA1

267fa27d5ca4d6555d12a26c2e46ee3c59bd9aaa
SHA256

483808f07e8a7ae554c8df0042d372ff3c0fa535f22f81f193127bc19ca840bc
SHA512

ba05b60ff5f87a2858a9719ff8283a3f37735edef39b5a170ef8f138c2d615a6b19dc5f5cae6897017e14ef6efee6b19ce14a81367442c97e338273111251876
SSDEEP

768:ItAr8ycrtyv1FlxUVmw2FhvprOu0CtpIMSwUiE5MRr558xtcDmIjxPxtyfZJEvF/:FroiU41nvYGtpIMtzlv/D7jfDnfG3Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c2280311adf6493b89cbbb1851f35ea_JaffaCakes118

Files

5c2280311adf6493b89cbbb1851f35ea_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

6cb4db0ee15dfff45fd400beb97bdaa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord941
ord800
ord1200
ord537

msvcrt

_adjust_fdiv
_initterm
__CxxFrameHandler
strlen
rand
malloc
strcmp
free
_mbscmp
realloc
memset
memcpy
_stricmp
_strlwr

kernel32

VirtualAlloc
VirtualProtect
GetProcessHeap
HeapAlloc
GetProcAddress
GetModuleFileNameA
CopyFileA
Sleep
DeleteFileA
CreateFileA
GetFileSize
ReadFile
CloseHandle
FreeLibrary
HeapFree
GetUserDefaultLangID
IsBadReadPtr
LoadLibraryA
VirtualFree

user32

MessageBoxA

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ