dbe349bbe262b5bde24d7b0afacb1dbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbe349bbe262b5bde24d7b0afacb1dbb_JaffaCakes118
Size

805KB
MD5

dbe349bbe262b5bde24d7b0afacb1dbb
SHA1

3c99402e1974d2b8bbad836f627f4f04432aaa54
SHA256

c6363d3496d6c71612b90ea2537fcdbe5391f54ce547afe2cea5c20d57499e1e
SHA512

e4992a8b9928fd91af53da8f4648cd14c427e726704609867c2ad3f607e01902fce4ff610dd83bdc3b07849849a84356d3825816ab2c568abe22a559e6760831
SSDEEP

12288:us7PZMQhtCUyK2TK7kYFm3Z6xBRQeyyGC14yYm48t8rcYhI/JPK9JKOqLBZ9:ZPZFtCUaTU1OQ5y21xAccI/ecOe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbe349bbe262b5bde24d7b0afacb1dbb_JaffaCakes118

Files

dbe349bbe262b5bde24d7b0afacb1dbb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
Hackhac

Sections

Size: 75KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edpcmdbe
Size: 723KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ycvqjlev
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE