7249b9f99523e9490a80d8a78a985d93_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7249b9f99523e9490a80d8a78a985d93_JaffaCakes118
Size

98KB
MD5

7249b9f99523e9490a80d8a78a985d93
SHA1

688d92c65987e69783bd82fb64ea027cf2181777
SHA256

056308b838c85962f4ffbbc1827b01e1cd10a0d0135273c4b946ec7f464b86af
SHA512

76cf5a32fe55c4449a60107334050c36f93cf567511f2a391238ee32bd0c947c475fc1d97cdb6af937ac6177454f7c83e1c0fec584c268fcc0bc8dcc154150ab
SSDEEP

3072:yF22ZxUZzIY2gZTLpODeZhxp+S5NKlKU4:I2yxUZz9T0DeZhxpvXKlK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7249b9f99523e9490a80d8a78a985d93_JaffaCakes118

Files

7249b9f99523e9490a80d8a78a985d93_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2176382012090cef75dca4d21de96e48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
GetConsoleFontInfo
FileTimeToSystemTime
GetPrivateProfileIntA
GetProcAddress
RtlUnwind

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Lkcjlko
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 95KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnon
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ