ae5767c2f4f813b990137a782d116223_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae5767c2f4f813b990137a782d116223_JaffaCakes118
Size

712KB
MD5

ae5767c2f4f813b990137a782d116223
SHA1

fd658a7d52b5b942e39a93faf00039f9e2d4fbc3
SHA256

6b6a1ea7e8ef9199802d9937175f82d081b90d2884a58a785147815b310e1699
SHA512

92b4a405d17905f3eded825c61be68c0f91551ea2073de30e781357aae76263039e240a19de65456e1f056fc818d6566d866ab5f00d5615898d166f37de54a14
SSDEEP

12288:sdyy2pM54iOjpLnQONF4Ga6PZ70NkkwEFlb5Wo/3Z0NoGguG4L:iyy20d+LnVNvH72kQFlb5dpKG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae5767c2f4f813b990137a782d116223_JaffaCakes118

Files

ae5767c2f4f813b990137a782d116223_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 56KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

naoipoeu
Size: 636KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vjvzspbq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE