87a084dcdfd21e6c47f8c3f2e6d3cc06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87a084dcdfd21e6c47f8c3f2e6d3cc06_JaffaCakes118
Size

38KB
MD5

87a084dcdfd21e6c47f8c3f2e6d3cc06
SHA1

276562c539b8daeff8c72870c18ac565d7a9dc81
SHA256

a95757e618978f8bb74bf76aef44b2598e5b5a9e1f9869702c6b462553f1c3ac
SHA512

f5d43bdab35f894818aaf25f1c8bc50004a1b005a38cd2db76d03a586080504fa32e8bbeab31194c65e7ab1886edbfccb44b475100168086395f3758d2362a3a
SSDEEP

768:O9GBkGdsCsnnnnFcirgeEifEoqe8lrEFbyPboAQBigQraqeaPZ6GduHnnnnnnobK:4GFdslnnnn2iN5feeyPbcBdQraqeaPZ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87a084dcdfd21e6c47f8c3f2e6d3cc06_JaffaCakes118

Files

87a084dcdfd21e6c47f8c3f2e6d3cc06_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a543e780db983cc13b534cadac598376

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetModuleFileNameA

msvcrt

realloc
free
malloc
_initterm
_adjust_fdiv
_stricmp

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ