ce6ecfb6e535f1111d70749298fd8265_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce6ecfb6e535f1111d70749298fd8265_JaffaCakes118
Size

396KB
MD5

ce6ecfb6e535f1111d70749298fd8265
SHA1

5672a619bbbaf6d2a2b879b57e9c89a77e829135
SHA256

cead1715769d010d168110ea5e76519b9b0c9859945964786d12dc3aae791980
SHA512

e3e7760d6f328d655161110280fb79d473e958b4d0c47975720e1a7658a882946844fb606c479e099ee609f30945e8b2016222825d7a9b025af89a9e7766bb29
SSDEEP

6144:L/KPkbsTT5Lp1lVRAKeuIiCD8wWMH7PQTBJpZOxR18:L/KYozVRA7uIVrWMjQTr+T8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce6ecfb6e535f1111d70749298fd8265_JaffaCakes118

Files

ce6ecfb6e535f1111d70749298fd8265_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ