6a919df2cb9fd736a3af6433b146247e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a919df2cb9fd736a3af6433b146247e_JaffaCakes118
Size

96KB
MD5

6a919df2cb9fd736a3af6433b146247e
SHA1

831ddf9f3d1452534dfc0a089a10c7f98b9b5969
SHA256

51d0359d5075d788a33d3cfb9b18585d39223847e03385811aae49472676ff3c
SHA512

ef8de83130ed63d4a45499a89ba2e3e1826949d44d439840a138c1fc7ff841a27f84aefce654e5bf1b95cf2337405acfdefc041ab9047354124ee088e21fddb6
SSDEEP

3072:CdoDYQHN3dh/vsEDUl6b3xHcippbhLrZ+SJVFRN+s9JDh/j7SotEfL1fGkh0ccZ7:CdoDYQHN3dh/vsEDUl6b3xHcippbhLrj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a919df2cb9fd736a3af6433b146247e_JaffaCakes118

Files

6a919df2cb9fd736a3af6433b146247e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

06316bc38fc623c4ca08c71468d56723

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

actxprxy.pdb

Imports

kernel32

LoadLibraryA
GetLastError
InterlockedExchange
FreeLibrary
GetProcAddress
DisableThreadLibraryCalls
RaiseException
LocalAlloc

msvcrt

_adjust_fdiv
malloc
_initterm
free

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ