fc1aafa15fff81e8cef54cecb7ed48e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc1aafa15fff81e8cef54cecb7ed48e6_JaffaCakes118
Size

18KB
MD5

fc1aafa15fff81e8cef54cecb7ed48e6
SHA1

0fc2fd1956cec1ad1f9f433218f6a84a82260f27
SHA256

cf741070ade2829b45c22e61748af9b797a71f28f4743474bfc3f444338a8fe2
SHA512

fb7be4b37e45432cd5864153367e487c36a32fce3a73dbcc407de2a160426b3e11f058f3ac87ee1319dd95ff06b5e0dd545ae122dc61f8cc2c471e96cc4a0651
SSDEEP

192:vtszKGzvmwTfQeLyUZ6kW0J2t4DVZgDQuAX2kuejqKb4tvAO3pw:vtsm6mwTfQVUZs0JUqZCAGku3tt3p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc1aafa15fff81e8cef54cecb7ed48e6_JaffaCakes118

Files

fc1aafa15fff81e8cef54cecb7ed48e6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3694118caddd26ba86f3632d31c8fafd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

DeleteDC

advapi32

RegEnumKeyA

ole32

CoInitialize

oleaut32

SysAllocString

msimg32

TransparentBlt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 15KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE