d74d4176253258adf509d73efc5c6593_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d74d4176253258adf509d73efc5c6593_JaffaCakes118
Size

47KB
MD5

d74d4176253258adf509d73efc5c6593
SHA1

43b5c1244a1f9759cff4f9437a0651f12c3c4a53
SHA256

f062d2b54d43a5bbdbbcb1cb79c789d4ea48dbc25033dc9219c8425ce49be87c
SHA512

d41860d556988fd303e64228d1e75f704fdf2d6f29f78622ada0c121a74a52a818ee838d01df73c34084762f2af5335402b3a6f36c822278bf8d336806a845d5
SSDEEP

768:GDO6xu9+YlJ3WUa2O2dNm0S0UOUZ07tDiOeujIvZ74Or3Z9XvnIg4XE1dcqU8:96xuHllWUaHIM0LVIIDzeuI4Or3Z9vn9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d74d4176253258adf509d73efc5c6593_JaffaCakes118

Files

d74d4176253258adf509d73efc5c6593_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 37KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE