87b1acf42462a29464df6d621aa0baef_JaffaCakes118 | Triage

Sharing

General

Target

87b1acf42462a29464df6d621aa0baef_JaffaCakes118
Size

99KB
MD5

87b1acf42462a29464df6d621aa0baef
SHA1

fcb959fd9d192c3989077027b1aad8baa83bdc49
SHA256

2da31615bbfb4bd52e2eac122e0b4cf8cc027bbb83220c202079644a7d9e8be5
SHA512

a521092223488413658b90a5611bb61bd93ce08f5d9794dec674f325656301c9b8a26d11bc30de82cf042a55a0f20ed118054f55e5b334e9ad6e3f9f43e060ac
SSDEEP

3072:nnz33vr0uxDNJylVDJYPjBUDnUcCEYtD:z3zByfD0VUDU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87b1acf42462a29464df6d621aa0baef_JaffaCakes118

Files

87b1acf42462a29464df6d621aa0baef_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

4bf8ec7bcadb0a8c175a710830df2c5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCalendarInfoW
SetEndOfFile
UnlockFile
FreeLibraryAndExitThread
HeapWalk
LoadLibraryExA
GetProcAddress
TerminateJobObject

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Kmknkmk
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 95KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 462B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ