f6dbc1e8f394f02817447a93dd9e8253_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6dbc1e8f394f02817447a93dd9e8253_JaffaCakes118
Size

471KB
MD5

f6dbc1e8f394f02817447a93dd9e8253
SHA1

2ac960a92119e213732330adcb44441bca051c09
SHA256

ca218ad63cc81787f5506dfbcb6debbffd6bfe9a2500f3ac6f3392b8dca2495f
SHA512

fc915b72afb256ccc34d573f3984e2f6971a285f3935465c6c08db0e58c3b0f7e40826add40e3b432732d295aa91d71e6eb9d8a1c5049ccac1a069db6d547f83
SSDEEP

12288:XqVQrzBCKZkiuRADYpz+k+bNkO4nHyQhtjyJdQTrkFzMxGafz:Xo6ucE+tbNv4nHyQHysTrkCAaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6dbc1e8f394f02817447a93dd9e8253_JaffaCakes118

Files

f6dbc1e8f394f02817447a93dd9e8253_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ