a10729462e11f9ee99707021328dec36_JaffaCakes118 | Triage

Sharing

General

Target

a10729462e11f9ee99707021328dec36_JaffaCakes118
Size

103KB
MD5

a10729462e11f9ee99707021328dec36
SHA1

83cde5cfb07e25b801bd237a1b4de080366cb76e
SHA256

89fd3786e9b2f09a77f322055ab16d989d2bb12a90c9301a7ac398e395d944df
SHA512

2ad00b32db9397428fefac42cc70ea8c0c1b224ba0712f1f3a9e756bb661f31838af6a6acc8dfa507643a36c1d28fd704d76be11a183c3316d1b156c7e7d2f8e
SSDEEP

3072:ymYhY1Rut9zvQD54ECtdygUd2SRjWyX6TXBqTzdAfP4uF6/ifS125:ghiROzva9WygU7Rq6X+3RF6/V125

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a10729462e11f9ee99707021328dec36_JaffaCakes118

Files

a10729462e11f9ee99707021328dec36_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cc57de27c39c384bfcfa14d98c1bbf0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

OpenSCManagerA

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE