d2d48e5dfe78da81e1ee62ad15d2d451_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2d48e5dfe78da81e1ee62ad15d2d451_JaffaCakes118
Size

100KB
MD5

d2d48e5dfe78da81e1ee62ad15d2d451
SHA1

b1c8d54faa10c70216839b0ec1e4daf5c1231b47
SHA256

2019c2b4cc81419c61d4bec9aa6712862d6734cd5a2e77662dd075ca688186e2
SHA512

f8483fd66f7b1ba3dbe44fa804dfd34c0710d87c714851c4b21340183dd208feb7803143a43a0058d464ff7fea3b24a7e2eb9c26f7de7ef7924d07b12ea0bebd
SSDEEP

3072:exxyZARM+6atuZvfd8QWNtk5G4DdfIQpDP:kxy+RMz2Wvfd8DNIGVA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2d48e5dfe78da81e1ee62ad15d2d451_JaffaCakes118

Files

d2d48e5dfe78da81e1ee62ad15d2d451_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7f8c1086f020cef3efdca0be822d52e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetVolumeLabelA
SetConsoleMode
GetThreadSelectorEntry
GetProcAddress
LoadLibraryExA
lstrcatA
QueryDosDeviceW
HeapAlloc

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Fjdfjdf
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 97KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnon
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ