754f1fa32d1577ea1d4201f93f4c2458_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

754f1fa32d1577ea1d4201f93f4c2458_JaffaCakes118
Size

485KB
MD5

754f1fa32d1577ea1d4201f93f4c2458
SHA1

b930e487d3dba5c787165392c087f529f2c86f87
SHA256

6cff33487f0fde4bf7834b73ebe8a8fa75a551b402370b6cb86b53ae264724a9
SHA512

42983bb7a88a12af8bb5b41781c0a4fc7676ffe872099752677fdbd3cac9e1237d618667a46721f5a6aa2d6e30830649950e135567e10ab183c7e5f7943a1a38
SSDEEP

12288:KOhF7dWnZVOp+wK7iHDIESW6sYXWPhg5AXT5HrEt3h6y7kFQTrVmA15PM:K2F76VLFESW6N5QT5LEt3F7TTrVmA7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
754f1fa32d1577ea1d4201f93f4c2458_JaffaCakes118

Files

754f1fa32d1577ea1d4201f93f4c2458_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ