b8e7aeb2b6a932c84942512adb683c3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8e7aeb2b6a932c84942512adb683c3a_JaffaCakes118
Size

100KB
MD5

b8e7aeb2b6a932c84942512adb683c3a
SHA1

e57ef5167ce3e41f18ae53860f776201c10297fa
SHA256

2e39955a7f251fc397b79e9987c411e674ad7e82ca950d071667284e995242d4
SHA512

d546daf9ef4a1695b6e08e64bda59d1b0071dec117f0722403ef156c7b2b745a5da1dd568532df1e7f8092cb35a73e1a8cf31ec02075a887e9d18878f9bbf867
SSDEEP

3072:B5QfJ96kCd9O8u75Q+NH/RoDDzX4k0IUPZT7X:Baff6CdQ+NH/GDXXIDJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8e7aeb2b6a932c84942512adb683c3a_JaffaCakes118

Files

b8e7aeb2b6a932c84942512adb683c3a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

c448914afb78910d9d9a78eddb6b62b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SleepEx
GetProcAddress
LoadLibraryExA
TlsSetValue

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInit
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 96KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 342B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnon
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ