c87916a17fb6a21c5fa81c787ae85509_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c87916a17fb6a21c5fa81c787ae85509_JaffaCakes118
Size

9KB
MD5

c87916a17fb6a21c5fa81c787ae85509
SHA1

5b21eca33a4cd10a064745f40f3859b64c7778a4
SHA256

d93bf1955eb55b20aff331428b57136d088746eaf2183b4c191030213dcfddb4
SHA512

732987eeb75e415908722e4582b1b422c36c650117cc7d7386d5605977bb9eb4ec41b0d2619bb082785760e1cf759dd8a67a452198127a1156a2e454f50735b5
SSDEEP

192:nZxoAFi8EA/T1NKpSaIPbAa5nde4IYpbWM3CPzW:n7oAc8n/5NdNPZ50rYpbWaCPzW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c87916a17fb6a21c5fa81c787ae85509_JaffaCakes118

Files

c87916a17fb6a21c5fa81c787ae85509_JaffaCakes118
.dll windows:6 windows x86 arch:x86

decdebcf1e7c9eb3fcead67540a391da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

RegCloseKey

comctl32

ord328

ole32

CoGetObject

shlwapi

ord219

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.MPRESS1
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE