ea7fa262dbbdffb93f0ad5673785c65f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea7fa262dbbdffb93f0ad5673785c65f_JaffaCakes118
Size

261KB
MD5

ea7fa262dbbdffb93f0ad5673785c65f
SHA1

ff7482f6d573b9c3165b3630cd01b95473b61b11
SHA256

d2378a37f559b73d947b9d6bad2d5769616808686346da20037b1f6f271aec3d
SHA512

2b5a3aa5b7c783fc18d69901622226414ebca730690f430a51ecda3df25c7e202d4726e3f491cda3bfacc1648a2e5cb8769f36a306be359a21ffd433661f0236
SSDEEP

6144:b3sWOZHpdSA8o4Zwk+SRvCsm3La3ClQu1n+PMJu0bJZel:b4SA8tJRQe3OQu1nSMJ1bJ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea7fa262dbbdffb93f0ad5673785c65f_JaffaCakes118

Files

ea7fa262dbbdffb93f0ad5673785c65f_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

6ed2b970e17d27b8bb340539e732ac4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

ceil

oleaut32

SafeArrayUnaccessData

advapi32

RegOpenKeyA

shlwapi

SHDeleteKeyA

msdmo

DMORegister

ole32

CoTaskMemFree

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 256KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE