c7ee9c058caf8671b479ec4d68739703_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7ee9c058caf8671b479ec4d68739703_JaffaCakes118
Size

399KB
MD5

c7ee9c058caf8671b479ec4d68739703
SHA1

a511d7f0fffe8f65568fee88638ba7026302555e
SHA256

e972d8a7b2ee31852f73cb8433b300a53e3ca8364552d3b62669cba01bd129c3
SHA512

8c5a256546e4df64150690eab77d4865f51e82810981368f94579a08e274710f973d24649bcdae3ea519101d37900c370c2b97697eace96c6ef55fc6a1f5e85a
SSDEEP

12288:V1AtV1fETS6y690++Odtt1KNsGgJKQTrcYBE6w:3TS6y1Ut1K/gRTrcYa6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ee9c058caf8671b479ec4d68739703_JaffaCakes118

Files

c7ee9c058caf8671b479ec4d68739703_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ