a7674cec797dc39cb0357d14dc3a4ece_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7674cec797dc39cb0357d14dc3a4ece_JaffaCakes118
Size

163KB
MD5

a7674cec797dc39cb0357d14dc3a4ece
SHA1

c39a76c84241b05721a59665fdd0a1813e705f23
SHA256

8fb169009b827801d89a2d4f63fd28fb1b709cdf57156fff5648ca912a763d7b
SHA512

fbc533bb0c66132d93e34a1550f42669148927afc10419d95e7636c80c5d9544f9562c739c12e00533caa7bcc898ab6715fca9638e838b9cbae7d7e005a755e7
SSDEEP

3072:3yzW9VHPwQ7K9I730egmp/tF/C5DGkmX2+i+NjIDH589cCk0V/W5:3yibrW9K3hgmp0wQcjIjai0V/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7674cec797dc39cb0357d14dc3a4ece_JaffaCakes118

Files

a7674cec797dc39cb0357d14dc3a4ece_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cc57de27c39c384bfcfa14d98c1bbf0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

OpenSCManagerA

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE