7689c44814bec8f708f62dc6865dd557_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7689c44814bec8f708f62dc6865dd557_JaffaCakes118
Size

768KB
MD5

7689c44814bec8f708f62dc6865dd557
SHA1

abf55e5acd5a0062cc074132829198c4dafee24f
SHA256

16dfce6bcb7cdd8392756b9d80217d31d8a67ab3882c8e506bc56f6610ba7264
SHA512

b90f5a1ea71a9c405c58468ad0db1232b719a2226b5293b6f1b8c56c7a8e4161169bede26c61e34c69174a194175f3960ac21470fdeeb98cdafcd78e2a22fe70
SSDEEP

24576:mhbmHi2pRnIFzuoomgmmow7Z3mL7ZbrJVjA1sso4:kJYnIFzAmPpE3cZbrjj5q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7689c44814bec8f708f62dc6865dd557_JaffaCakes118

Files

7689c44814bec8f708f62dc6865dd557_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 292KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

abuuvfnb
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iwvqzwky
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE