653c07213af98f6c21e5c66e4ae56b14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

653c07213af98f6c21e5c66e4ae56b14_JaffaCakes118
Size

101KB
MD5

653c07213af98f6c21e5c66e4ae56b14
SHA1

c8de1761f78135e1c99fbd3e550b5ac5011331b1
SHA256

411a832c3bea3d350e7678d03537655be3201bfe6b56ba40b9e61118f51d5c69
SHA512

dbc92431c466f0f25d1200eb2ce34559961c6ece26948d9a282f316f27a853734994514f7b7a87cab2338f4f182374bb41ead0e9c33718bc8c8ef5f9c9d20b24
SSDEEP

1536:KqUYpSW7azL/iHWiBB9XhOj4iMt6CVxLhGzIBgcEcHWd2hyrjXLrFJ+:lUXW7I/NYOjqDIUBg1VrjXLb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
653c07213af98f6c21e5c66e4ae56b14_JaffaCakes118

Files

653c07213af98f6c21e5c66e4ae56b14_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

53445e58f989671dc1d516383666c988

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetMessageWaitingIndicator
IsBadStringPtrW
FatalAppExitW
LoadLibraryExA
GetProcAddress
GetPrivateProfileSectionNamesA
EnumResourceNamesA
GetNumberFormatA

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Engmlge
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 98KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ