ae1792e4e38e232fc311bf665f11311f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae1792e4e38e232fc311bf665f11311f_JaffaCakes118
Size

384KB
MD5

ae1792e4e38e232fc311bf665f11311f
SHA1

2407a1469ecb914ae740bd71ab0961b1ba986648
SHA256

36599938fb4f850ac33fb32d580f181a9934dada82ba4be6f82725a30874b1e2
SHA512

368fae6d1371f599501b83d49fad42b3903fc5d2fe73495c9b3c585e8a2829f5216b0f13ae19ebe68a9cb362ab4fda3c00fd368d012c09b95019c4d5dafbe24a
SSDEEP

6144:DWQk8L3X9bavKmVhAMQxAwQhyyQTBJLaFXEQ1HtuGk:DWQkCX3mVhDQMyyQTrLaF0MNuP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae1792e4e38e232fc311bf665f11311f_JaffaCakes118

Files

ae1792e4e38e232fc311bf665f11311f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ