b71e5219df7c375133c3c8a20a5a6459_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b71e5219df7c375133c3c8a20a5a6459_JaffaCakes118
Size

1.0MB
MD5

b71e5219df7c375133c3c8a20a5a6459
SHA1

41a5691a9381da78ce251fa8a1672816ac046ead
SHA256

14465c3bc5de981c4c0912a5401eabda04a35530b7fca86230a62948dd4cb000
SHA512

a185f205877c0d24e8612ba817d9fe79af369cd2567d8000b4d7c06725701a6ea09f221fca14e46eda8f58266422c8c5a69a83f4242338e8e4d85821d393d136
SSDEEP

24576:dcntSTd8H75tEeZCaC83rPlEChz8Evrpvs1joEgdUVt:6sTdglGJo2IzDAf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b71e5219df7c375133c3c8a20a5a6459_JaffaCakes118

Files

b71e5219df7c375133c3c8a20a5a6459_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
start

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 285B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 774KB - Virtual size: 777KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ