a1dd4e095355b60bec2a8daf465f1493_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1dd4e095355b60bec2a8daf465f1493_JaffaCakes118
Size

980KB
MD5

a1dd4e095355b60bec2a8daf465f1493
SHA1

89fef5a8d66f9038a188b268b3bb5144e53e934e
SHA256

1372551e776ec61a67922dc4567bade6cab8e87ef3f6c6daca89dfe6555455cd
SHA512

ced4a05dc2dba387a7faff03191932899d1de2c02e5fa77299d0c39dc26acca17832bcd0daea0f0597166f28cbfdda813bf95dd442b479a3ca5802b0d0653061
SSDEEP

24576:vBIcCB0MAsPb6M0xo6T1jawNqVP7qh+w3e6C0VThFEp:5INykjbCTop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1dd4e095355b60bec2a8daf465f1493_JaffaCakes118

Files

a1dd4e095355b60bec2a8daf465f1493_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IAlloc
QueueMemory

Sections

.text
Size: 616KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ