dd0279ab1dd7d868aa887551c9d69f19_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd0279ab1dd7d868aa887551c9d69f19_JaffaCakes118
Size

55KB
MD5

dd0279ab1dd7d868aa887551c9d69f19
SHA1

18816a3def8daca33b7616e0d363e4959ca97574
SHA256

c76249bf87b9ef45158da8bc763cdeeb37052cc5b89bfb21016abcdcb25ff196
SHA512

936138e9ec76299fd916584f27c7cac62f1ab47faf9db37a2c774b0294044cc92acba1988e3652d294060839049cfbf80a38ae0dce2b95ef4497a233804bde68
SSDEEP

1536:DgoWVhIm7i3m2HAVODvAuqUpIYEM8RqOth:aIXm262LT1EM8RV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd0279ab1dd7d868aa887551c9d69f19_JaffaCakes118

Files

dd0279ab1dd7d868aa887551c9d69f19_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

c31bbd8b11d61856715019e35422c6e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord941
ord800
ord537

msvcrt

_adjust_fdiv
_initterm
malloc
free
strlen
_mbscmp
realloc
memset
memcpy
_stricmp
_strlwr

kernel32

VirtualAlloc
GetProcessHeap
HeapAlloc
VirtualFree
GetModuleFileNameA
CreateFileA
GetFileSize
ReadFile
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualProtect

user32

MessageBoxA

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ