87bc31f5ade7944b3783fdad91c1ce68_JaffaCakes118 | Triage

Sharing

General

Target

87bc31f5ade7944b3783fdad91c1ce68_JaffaCakes118
Size

411KB
MD5

87bc31f5ade7944b3783fdad91c1ce68
SHA1

ae0f31a6a62f4397d7749c84d833180aab49d648
SHA256

65f21d0cbb27127c7ac16b77b999edd17e437776124e0df4c42958ffc71c8d89
SHA512

eeaff7b5af3912d2fa505daef369c77bf4ba177ae971a83f6662625cf12a62c4352ea8d8cfa0d9ffa843c35e897bff398a26d161710e481baf3ecb95d35b8efa
SSDEEP

12288:M585lx1ntcU3YZCLei3sKX+4qFkCPvByJEQTr+dD4J:M58j3YCSesk+4qFpIrTr+d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87bc31f5ade7944b3783fdad91c1ce68_JaffaCakes118

Files

87bc31f5ade7944b3783fdad91c1ce68_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ