a3ee716b57c2a7b95b6d2d2a23a7840c_JaffaCakes118 | Triage

Sharing

General

Target

a3ee716b57c2a7b95b6d2d2a23a7840c_JaffaCakes118
Size

101KB
MD5

a3ee716b57c2a7b95b6d2d2a23a7840c
SHA1

19abee7f521e72a9609e5f8f37ed8a1c2656bbe0
SHA256

8d5f4f89a08321a5d5e0716bb354449c6549aec06dbb225922995535d22eab9b
SHA512

0e67eb13fc49439db23186078a76dba32c3c5f8c3b35a5354641d05c0ac2166645c9c5be046b1ef5cd943bf8c55795b1a4147c6bb89b9303b409d9a7e4197da7
SSDEEP

3072:N/SNtYwyw1QoRFAKjyToMLJiTw3PUD6ueB1IlKN:N/1ocKjdM9iEfr+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3ee716b57c2a7b95b6d2d2a23a7840c_JaffaCakes118

Files

a3ee716b57c2a7b95b6d2d2a23a7840c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0e714925dd4f6eaf5e1c138322f2010c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
FileTimeToDosDateTime
GetVolumePathNameA
GetSystemInfo
LoadLibraryExA
ShowConsoleCursor

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Pnkpamp
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 97KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnon
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ