e0facf0fdc0a314f173f74ef629b985b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0facf0fdc0a314f173f74ef629b985b_JaffaCakes118
Size

102KB
MD5

e0facf0fdc0a314f173f74ef629b985b
SHA1

573abe8efb6fdc3d08ac1fa7cc0d78026c306aa3
SHA256

035dc5459bd638df4e436b8315b7ec81358d7ab3b93a15e3478320fd5150d177
SHA512

9f527f2583cd83c68d45cda1d509bcdbc97c795443fae52bfa53521d538dbd3d5882d1c3b55ccc31e44c416bab99f10431f985efec3a89d9ce356196e187ff1b
SSDEEP

1536:Vdehinkn4Eymq6KsJvnEK4EIprRT/6gNPqZ3HGWCfGvdeGUT:q3qqEVp96gNCZXCfrT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0facf0fdc0a314f173f74ef629b985b_JaffaCakes118

Files

e0facf0fdc0a314f173f74ef629b985b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f774af0aa9365fe0fb5e004fe52af49a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetDefaultCommConfigW
SetComputerNameW
GetProcAddress
AreFileApisANSI
HeapFree
RegisterWaitForSingleObjectEx
LoadLibraryExA
GetCurrentDirectoryA
ReadConsoleOutputA

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Lamhgno
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 98KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ