752638b289aeb4eb3fb13e5a2b5deca5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

752638b289aeb4eb3fb13e5a2b5deca5_JaffaCakes118
Size

159KB
MD5

752638b289aeb4eb3fb13e5a2b5deca5
SHA1

05666847fef04a4bc2c3d2d6b900ced670eab0a6
SHA256

6232e08939c13429cfcdcf9541bcdc6cf0de2345a95bcd6168b0d869f3a0a5a4
SHA512

9d728d241c588cebf97bcc1790f9064db9358b4dd89a15f9087ab9c99e046cd38d57da7267f5639901acca34ba7b2b22ffe30c3b27628b593137b9c8f329ada1
SSDEEP

1536:0Wty3OgQCkZetiXD7M904IzKsWoJ7xwAU:0MWG89PIOsW0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
752638b289aeb4eb3fb13e5a2b5deca5_JaffaCakes118

Files

752638b289aeb4eb3fb13e5a2b5deca5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a28a9df0d52b953983939c6655d71603

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

msvbvm60

ord580

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 61KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE