a99e61f559771af403504240dbb005ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a99e61f559771af403504240dbb005ca_JaffaCakes118
Size

101KB
MD5

a99e61f559771af403504240dbb005ca
SHA1

bd5fb99dbeca756f2dca66e00f8f19431cfcea89
SHA256

d46ef29baf8cd9d05cd4d98945aeda0fb25dccf14b7a8118425b869c01465156
SHA512

6c12500004afc1e56b9825af0691bdf29dd4f5ea9916bdea2452c16bec64c6b868c865fda9d9885267fe0fda1f0296a6fe0cff61cdc72ab848c4ee5a44d1bcf8
SSDEEP

3072:vtuxZLkDIVYOGZrTkYUqt4MugE76SYiXuhOjP9plM:vtuxZIMVYOSTkXqt0gE7vLXuhwX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a99e61f559771af403504240dbb005ca_JaffaCakes118

Files

a99e61f559771af403504240dbb005ca_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c2153053dac16dfda4acf12a50df55ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetProcAddress

advapi32

FreeSid

oleaut32

SysFreeString

user32

CharNextA

Exports

Exports

DLLCanUnloadNow
DLLGetClassObject
DLLRegisterServer
DLLUnregisterServer

Sections

.text
Size: 99KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE