ac4ec6dfb1071d9b3a52fd17663271ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac4ec6dfb1071d9b3a52fd17663271ef_JaffaCakes118
Size

106KB
MD5

ac4ec6dfb1071d9b3a52fd17663271ef
SHA1

19f6028b25438ac24d72a8354b5bd8ea126b02af
SHA256

fed9625635f6b99d2b14f75582c35998f3eb3e2f00052c451c08f1d61134f68f
SHA512

a10266beb3465f38152c98973bf5f51271bb19411f75698491439c39f1d7849d52f7e47623f3d8b4cd5db20cb2378ff4c7b9691674b8132f35c502fea3e5d01c
SSDEEP

3072:91Y11zScw8amCTaj2F8cCHD7wzeLP9Td4wB:81Q9mCTBZE7d95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac4ec6dfb1071d9b3a52fd17663271ef_JaffaCakes118

Files

ac4ec6dfb1071d9b3a52fd17663271ef_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

85eb97d0fe59c55dfdac004b651a7b7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

ord582

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 90KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE