fdcc06eef8646083068ae4fbaf8d9460_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdcc06eef8646083068ae4fbaf8d9460_JaffaCakes118
Size

28KB
MD5

fdcc06eef8646083068ae4fbaf8d9460
SHA1

efa2ca6e207a217aca7a8475076a32b524a690f2
SHA256

a2d54287d0e002c5535a01bf46d2c239057317dce584043adc30afb563208034
SHA512

634140cc95d6efd5ff9ff8b9a9a58a694fd0ca287d664f61cd07288f6576f1ada7d713d0408c4ec4061df5c3c54ca8d2abebebd6020b47222c0376fd3054d5a1
SSDEEP

384:0HvfUDy29zB2zDR9O8ER+M/8FA7Fc/amVlpnnwP71eH49oy77vvxlLvwoWUX8W:AvcDRwExJc/aiwBM4777Dvwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdcc06eef8646083068ae4fbaf8d9460_JaffaCakes118

Files

fdcc06eef8646083068ae4fbaf8d9460_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

da004e95ceae0c6650a7c6766a44553b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

atl

ord21

iassvcs

IASVariantChangeType

activeds

ord9

netapi32

NetUserGetInfo

oleaut32

SafeArrayGetDim

ntdll

RtlFreeHeap

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 17KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE