f62a6b621cc4c891e4d36fb4b845859f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f62a6b621cc4c891e4d36fb4b845859f_JaffaCakes118
Size

81KB
MD5

f62a6b621cc4c891e4d36fb4b845859f
SHA1

b2a2d18a626e95f35837c7822e5f949b91bc841b
SHA256

80b1241fadbf5eaf482a15d3ecd6407fa2da494934e08d5b3c2f0ffb52246f32
SHA512

1c0ae0200ae752d9cac03059e6e9431e35ae35de5fab4bf5ad449b9abfcd7f9293613e526d06f7bf124a1dc102f161cb7f3270aa17f5fa208d1cffe59eb7ab45
SSDEEP

1536:Rg6kq/V9Nb3qwH2rYSfmXDFP3oPVDFuEwM+S2Db9S7Fw2Lq74VVlD8WWv7sS:Bkq99s82rWhytwtX9S7FwcHVV8jR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f62a6b621cc4c891e4d36fb4b845859f_JaffaCakes118

Files

f62a6b621cc4c891e4d36fb4b845859f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cfeecc111328f6e6839349cf9972f58a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetProcAddress

advapi32

FreeSid

oleaut32

SysFreeString

user32

CharNextA

version

VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 79KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE