f6425b2fcdf2f825b105a31c3f4b64dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6425b2fcdf2f825b105a31c3f4b64dc_JaffaCakes118
Size

123KB
MD5

f6425b2fcdf2f825b105a31c3f4b64dc
SHA1

30617decf171416b035539ade04f0165134fcac9
SHA256

b56cbe9b1fbcd892589aba0ec5d5e0c0f5090a79a8ec40840c223cbbd8f4dbba
SHA512

e4978c079f59cc9505fd36e7c9c97a8b4fa1a699885c71d59ef70f48f38f11bf94e6c073c4d8712d62c3a6b8206cd7f4a8256549d886247d10c6dc87eb3825a9
SSDEEP

3072:+FZT1ANTblJH2pnM4VNZNQBJQH/pI3KQdr+UHltbNs/aNi5ka:sUblIXNyUhkBdKS/NZNi5N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6425b2fcdf2f825b105a31c3f4b64dc_JaffaCakes118

Files

f6425b2fcdf2f825b105a31c3f4b64dc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

80fe09be11839b788b6967f33f928732

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

RegQueryValueExA

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE