6171bdda3f2fb9f0287947f781e5e647_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6171bdda3f2fb9f0287947f781e5e647_JaffaCakes118
Size

98KB
MD5

6171bdda3f2fb9f0287947f781e5e647
SHA1

07f1db5e87e2b5054f8cb4425442598b06c164f9
SHA256

9a69b04bfb197bcc184c2fd942fb48467ab4b049edc9b12e740b62c43a42f89c
SHA512

adb12583c760a46be744c7539752bdf8ad2fa7d793aaa8fbf9a698d217641cf2715af7b2a5dbda65aa15d149a40709e6c2dae0b42a4fd34466e52c988eddbb3b
SSDEEP

1536:QEXsTg06w4VhzeAOzqlfjdFrC7HtGHAIQfmPlD488RY8yGazD1:QEcTt43zeAOqfjd5MtGQfiN48Mt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6171bdda3f2fb9f0287947f781e5e647_JaffaCakes118

Files

6171bdda3f2fb9f0287947f781e5e647_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

382a6a3d97fbe12f675e6fa81bbb29aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToDosDateTime
GetProcAddress
LoadLibraryExA
VirtualLock
SetDefaultCommConfigA
SetConsoleKeyShortcuts

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Gblkdcp
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 96KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE