862925a47b7ba91177390f89c4afec87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

862925a47b7ba91177390f89c4afec87_JaffaCakes118
Size

430KB
MD5

862925a47b7ba91177390f89c4afec87
SHA1

ad71108b1736a1631bb9c526ccae825054e59160
SHA256

b4213f3f152b6072863caeae22d8875192433f189efb4f02658cc7c27a45033d
SHA512

0b4fe87e416b0e3eb569c00baa80ca76fb4a0d95e7bdd67df5b4f953e336e51aad72b5de7675d85cccc0ec819b4751cc4ddf793d96be560b8862d8877d28829d
SSDEEP

12288:ehAH61Cm9DGgAQRaJs81QBz0KGar1hH12JWQTrWwDw/:ezCAL2QWKGaPHoVTrZE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
862925a47b7ba91177390f89c4afec87_JaffaCakes118

Files

862925a47b7ba91177390f89c4afec87_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ