a70bcd1a33893ea09b39d90ef25f5adf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a70bcd1a33893ea09b39d90ef25f5adf_JaffaCakes118
Size

97KB
MD5

a70bcd1a33893ea09b39d90ef25f5adf
SHA1

aa97dcfed0e47fd1229222bdf0435c21da134def
SHA256

f54193e3a68f9d9d97c3cb95bc1f944a9e666670a659042f6cd2a1ae2c49b21b
SHA512

35155baa310d9e7bf76966661dee6c4ff051b29b208b417e2641d132e5e302a36734121aded016bb8ceff2629e98a47c7e43d49a685a76f1ca3f3dc4d29fa860
SSDEEP

1536:NQspD5TNK5fFJvkwf6ZNjGWMhsx5FwYdhaKRPgAEHUT0BDSPStlYJ3F5DNcrMOlx:/BXLVMhsx5FwYD5PgAp2DMelYBFeME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a70bcd1a33893ea09b39d90ef25f5adf_JaffaCakes118

Files

a70bcd1a33893ea09b39d90ef25f5adf_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

529eec90942b849c7b88958663d3d3ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
SetLastError

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ