d4bcbfdc331c1bf77fa117d83f204d52_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4bcbfdc331c1bf77fa117d83f204d52_JaffaCakes118
Size

800KB
MD5

d4bcbfdc331c1bf77fa117d83f204d52
SHA1

a938b154e51dd06146a12daf3e0cb6a672cca6ab
SHA256

9140870dc0c9a5b962fbfcccad103d1f500287223e718347a4bb12b95f05de3d
SHA512

ae447f4ed4bd090ebe494b2166cbaf29c8e31a6eb495dc7dd4c8c90e72088b74fd068e47a2b5df56b6fa4eeff87cfe0a9a8e0394f0a7a88055a524c8bfb187a9
SSDEEP

24576:ERcFLbZg2LQh1neYKwwAv0hGhLi8aH0Z:ERctq2LypwRGhLid

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4bcbfdc331c1bf77fa117d83f204d52_JaffaCakes118

Files

d4bcbfdc331c1bf77fa117d83f204d52_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Pojgdga
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

Size: 80KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 892KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tqvdjfwa
Size: 713KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ppqhbqul
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE