6678cf09e3d76a93b340b0cc6d8ce0ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6678cf09e3d76a93b340b0cc6d8ce0ea_JaffaCakes118
Size

465KB
MD5

6678cf09e3d76a93b340b0cc6d8ce0ea
SHA1

c2f6ce2d8981982acd4bad640ab190ff0eaaf48d
SHA256

4000b0b5ff484ac25474a81a58b0b63a8e5c0a9e2d15c0a1e97b40c5d15c4ad0
SHA512

a5e9285a6821825efbc37b50474cbc95526c41a1d3df96e0db354ec0d207098f7758413d2679c5ae747e61c311317c6ab559ead2e1e8197b3569aea987b0131f
SSDEEP

12288:c2541y1P8l9cgST+3LLWvO5w/vhjEt2ApJDT/adJtQTrakdHwg:ThgSTEtcvhjrApJvad8TrXH1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6678cf09e3d76a93b340b0cc6d8ce0ea_JaffaCakes118

Files

6678cf09e3d76a93b340b0cc6d8ce0ea_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ