a1e93154b80550eb7b3aacff32a9caad_JaffaCakes118 | Triage

Sharing

General

Target

a1e93154b80550eb7b3aacff32a9caad_JaffaCakes118
Size

54KB
MD5

a1e93154b80550eb7b3aacff32a9caad
SHA1

f8a36a706f163d4d05bbcdadc424b89cb2e2d400
SHA256

2393f178e0e5a9e2ab9d11db2b3866a1cba3820babaafc3dd443b3dc133e133f
SHA512

faad5a406ecbf55faf991b808f461598d8db11ebfedb302007f6bb71275153c8a0bb8d201a5af918223dc4372d3a9fa2bc6a096a275d580302ec7a4aaf3c701d
SSDEEP

1536:JY020nnnnh27fCX1M7m9jvoZ7U/ixGydi713Kqnnnnnny7rHBUBnnnZ:6B0nnnnA7fCX1gAiKnnnnnny7rHuBnnZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1e93154b80550eb7b3aacff32a9caad_JaffaCakes118

Files

a1e93154b80550eb7b3aacff32a9caad_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a543e780db983cc13b534cadac598376

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetModuleFileNameA

msvcrt

realloc
free
malloc
_initterm
_adjust_fdiv
_stricmp

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ