87aa84c9a0d77781e5b7c11832bd7d54_JaffaCakes118 | Triage

Sharing

General

Target

87aa84c9a0d77781e5b7c11832bd7d54_JaffaCakes118
Size

71KB
MD5

87aa84c9a0d77781e5b7c11832bd7d54
SHA1

04b9e62361beec459c659e014d8740a56b43af8c
SHA256

94643f92336ac11a166a1757065ecf2f69be8d68d966c17a1c0d0fa3d3380abc
SHA512

f237087f303893fde3245234252bf9f675ca7b179fc0b9ad4fd5e90fe1ede0f536617b065cea174989656c25b969ddc511f7e1c144f18ddea3a9ff02b0157f30
SSDEEP

1536:Zkmp6+kPw1bAdMudiCQTwVaYPzvihD0ik3dh80lQLelLM2nN+5hG1uP8:ymYhY1Rut9zvQD54SxLelLMcN+5Q1W8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87aa84c9a0d77781e5b7c11832bd7d54_JaffaCakes118

Files

87aa84c9a0d77781e5b7c11832bd7d54_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cc57de27c39c384bfcfa14d98c1bbf0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

OpenSCManagerA

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE