ba4c9c7510f00cd0153d57a98f1662c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba4c9c7510f00cd0153d57a98f1662c8_JaffaCakes118
Size

1008KB
MD5

ba4c9c7510f00cd0153d57a98f1662c8
SHA1

0d647f419a2f9c4e337d664802b9d52b91a9a214
SHA256

2224c06e7915151f26a474911abfb5b82e23fa44f52f04015d81bdc4d159cc25
SHA512

9f4acda0fdec3bd68a6124c22632e135a2f5a9f23957d85f6c7767f0d4ca98806a47ef23af171bba8f3176d22db80eb0931611a9a720f6521d3bf70daa2a0a30
SSDEEP

12288:f/ZRhjixUfsgKjAS1j1w/HGNspkWRfJDZwlgTAoTiaOVr:f/ZRQ2fspL5NspxfJVwlgTtTiH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba4c9c7510f00cd0153d57a98f1662c8_JaffaCakes118

Files

ba4c9c7510f00cd0153d57a98f1662c8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DispatchMemory
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IAlloc

Sections

.text
Size: 652KB - Virtual size: 650KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ