aa0387647cd3d0de2ac46c951c981ed1_JaffaCakes118 | Triage

Sharing

General

Target

aa0387647cd3d0de2ac46c951c981ed1_JaffaCakes118
Size

84KB
MD5

aa0387647cd3d0de2ac46c951c981ed1
SHA1

8f3bba7e7c8cc520eb01bb4f99e3805831e8fe08
SHA256

130ed4ac56227fccf20bc8b160c9854949ddac0005f3edd3638934daf6627881
SHA512

4845f0943f86f8a0420421653eb9a04213a6596dab4a89935b47e025a52b6cc55371231099fc379531ed65cbe872ee4a1283ebbfa37a4be6fe97f48ad7fe1399
SSDEEP

1536:jGGSjq4NZ4OA/MljcBowgaOHmKMzPQXuHd40NYLZWVONGIE:iag4ZUljc3Kio+fNAZIEE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa0387647cd3d0de2ac46c951c981ed1_JaffaCakes118

Files

aa0387647cd3d0de2ac46c951c981ed1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f287fd6bfed6cb699b37f724e5b2939b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryExA
GetProcAddress
LeaveCriticalSection

advapi32

FreeSid

oleaut32

SysFreeString

user32

CharNextA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Pmoiohk
DllMain
DllRegisterServer
DllUnload
DllUnregisterServer
ServiceMain

Sections

.text
Size: 81KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ