bfd6ba5f1bf4e74cf2c2e01c9bde196c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfd6ba5f1bf4e74cf2c2e01c9bde196c_JaffaCakes118
Size

1.8MB
MD5

bfd6ba5f1bf4e74cf2c2e01c9bde196c
SHA1

7ce75cc49054fb488f8ddbcb22bcbdcacbed0efc
SHA256

9688ec3825acce7a1d316de8c0b303d92bb5f3883293328de24336b3f9d9f1aa
SHA512

26d6f26feaa04aacabec482380cc0ac2e187e989e7486d2cad9e364e0d679f344f5c60d4cb5f3b19e2f8024fb2a287ca82933998690488ed7d32b4a8ca8d096d
SSDEEP

49152:9HDDJ2x2xnZ42TXeEfdbaZeKCOdC1ANK:9Ze6//10K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfd6ba5f1bf4e74cf2c2e01c9bde196c_JaffaCakes118

Files

bfd6ba5f1bf4e74cf2c2e01c9bde196c_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1011KB - Virtual size: 1014KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ