b369b08ad821bef950cad5a07c8e8f10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b369b08ad821bef950cad5a07c8e8f10_JaffaCakes118
Size

722KB
MD5

b369b08ad821bef950cad5a07c8e8f10
SHA1

104d45daba5fb0b17d0c31eb685638aa8cf2637a
SHA256

dfca7c37699c87f5417bde4f12ddd60bd12af5e8c2136d560b81051538ed72e5
SHA512

ab874e401e3e025ddef11e82d56b395ce5f05c10477721b49303504dcb8ac91ece63d266f6d34fd97ad73b3ec21fb458e53be80c11b50b48769a531fa55fe2f2
SSDEEP

12288:+GkKmIHLYCaWpXzU4fE1d1xs0Yfv0zAWFuhlCXRbmqky4mbdJ2I3ZvY59OhOuB41:BmcNaWpY9AWoyXFmqk3mb7JvY59O0uB4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b369b08ad821bef950cad5a07c8e8f10_JaffaCakes118

Files

b369b08ad821bef950cad5a07c8e8f10_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Efhfihi
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

Size: 87KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

esvfktmq
Size: 628KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

orjdbrua
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE