ce64537a9320c9ea7e8703bbc05c569b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce64537a9320c9ea7e8703bbc05c569b_JaffaCakes118
Size

29KB
MD5

ce64537a9320c9ea7e8703bbc05c569b
SHA1

c502a0b9ea512b28e2a5f2cf4db166bd2ef7df60
SHA256

d38687412c13bbb394955458cb8c8b6ed5187ce14529192554e07cc9209607b0
SHA512

cd455350eaf9ce1ae092951221bd1c2cf9226b95b48cbcd4da404f24db70a00caa2a7e1fffd73a0f77702b8eee31d8d8b215411c2d89cb5d0ee85867497ae901
SSDEEP

384:NE3ILLHDLVNjDq0uXGIkbXBT04poK1W1o/KdlC1d73SmuSw8G97vvxlLn2WPKiW:NEmH/q07BY4pZW1o22dNPw/7Dq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce64537a9320c9ea7e8703bbc05c569b_JaffaCakes118

Files

ce64537a9320c9ea7e8703bbc05c569b_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

c96f0fac7a31156a27922e15dc3deccd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

RegCloseKey

user32

CharNextW

oleaut32

VarUI4FromStr

ole32

CoTaskMemFree

ws2_32

ntohl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 23KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE