0115a8ed0f5e7c69d3b3e3e4a11ac037_JaffaCakes118 | Triage

Sharing

General

Target

0115a8ed0f5e7c69d3b3e3e4a11ac037_JaffaCakes118
Size

79KB
MD5

0115a8ed0f5e7c69d3b3e3e4a11ac037
SHA1

ae5d9790baf13290078b6ddd72bb60e98243e65d
SHA256

c57742b71927d45bb6d88f1510295afa91574e4534f2d1d7c203f13cb8cae5e6
SHA512

11ea3fe209c8f1cc78020a1ceaca66c7e9a9d7c50a03584e2fb465c1c6da2c37a6efe56a9a4e63156dee5939c274bdf063b1115d621b4fc1bf07a973ac932bd1
SSDEEP

1536:8Ovm0HTQjg1Jk2JStHGiixag72vMtTOXawOhwhjsHH0m3DlK8UWaw4m6izePp:8om0Q4H+Giixag7USyawO1n7l1UG4FiU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0115a8ed0f5e7c69d3b3e3e4a11ac037_JaffaCakes118

Files

0115a8ed0f5e7c69d3b3e3e4a11ac037_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

5eca34b5960006a92884c01b4933b248

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memcpy
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler
malloc
free
strlen
realloc
memset
_stricmp

kernel32

VirtualAlloc
GetModuleFileNameA
CreateFileA
GetFileSize
ReadFile
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
DeleteFileA
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
GetProcessHeap
CopyFileA
HeapAlloc

user32

MessageBoxA

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ