5d571ce5ae8550dea98da056ca10d54f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d571ce5ae8550dea98da056ca10d54f_JaffaCakes118
Size

2.3MB
MD5

5d571ce5ae8550dea98da056ca10d54f
SHA1

c93bb416c7d880e1607f168d75d27c03cec8ad24
SHA256

58a07c3c19d4b6e478dda9f3fc76feb8a8a5d3fa1c41ce24dde9e1327f2dc6bc
SHA512

44cdf433385eb29df770933d85d6e33055004e7361339db69b7025ddd651f451cfcece9b98f5dbaec5947d5e2ffb3a8a416da65f0cdf62de3cb7297e22497acb
SSDEEP

49152:vhxTNwJ5SK3AGMhJt2bKc4wYRhp26hbKD0QbtoyRt7CF:v7TOvSK3TMhJOKyYRe0QJo4WF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d571ce5ae8550dea98da056ca10d54f_JaffaCakes118

Files

5d571ce5ae8550dea98da056ca10d54f_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

9cd23ec45fb04fb54b7cffba73affd7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
LoadLibraryA
GetProcAddress
VirtualAlloc
GetModuleFileNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
start

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ