bc5ae196f24f9ea2cc4a0cf17bc6a3c9_JaffaCakes118 | Triage

Sharing

General

Target

bc5ae196f24f9ea2cc4a0cf17bc6a3c9_JaffaCakes118
Size

116KB
MD5

bc5ae196f24f9ea2cc4a0cf17bc6a3c9
SHA1

722505e5456e93c36fde26854a9ff067320081d4
SHA256

12226d85c323e0677425c3c5059f2d842bac4b93567689f2f78177c294e2b5ba
SHA512

331deec5e31f3fa99d6d96c6f1d72d1fb3f6fa456089d08d044ba49f69875f56240de298d2e82d5adb0de19eb0b39c19b96710700dd4bee298b1a20aa38c3967
SSDEEP

1536:tj3CG686Y3U9BZl+HfYzc5UXjRN/wtdP5KtU6s1DKE/72Qk566owQJJp5340tUi4:JaYkjZbkUf/wtdka+E/fn6t6j2mMC6r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc5ae196f24f9ea2cc4a0cf17bc6a3c9_JaffaCakes118

Files

bc5ae196f24f9ea2cc4a0cf17bc6a3c9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0e7aaae5959a2b85311510885eaf14df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

RegDeleteValueA

shell32

SHGetFileInfoA

ole32

CoTaskMemAlloc

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE