10cfadfb49b1ca15563b20e72ffde76f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10cfadfb49b1ca15563b20e72ffde76f_JaffaCakes118
Size

8KB
MD5

10cfadfb49b1ca15563b20e72ffde76f
SHA1

ac36c22f6a301665be9175103fdc8f23157f067a
SHA256

dfb441f51609fe2fe11289f7fc0d5302878d71f417d4b1f0339f94e06b9c973a
SHA512

6f4f3ebf14a63f286b4e13f3e2169369588a0d74c7bba97cdc91975cdaa0ce1c1e64a81f88269c84a86ab0666f069b3f8e9e07f1c108a3966c9771d5d729ae73
SSDEEP

192:MPi1VpBRkbLpHICCWmG8BT4h54GuK9Y3qG2LD/chymgo+Ym4:M6QVjLh54G1AUbZmgDYD

Score

1^/10

Malware Config

Signatures

Files

10cfadfb49b1ca15563b20e72ffde76f_JaffaCakes118
.dll windows:1 windows x86 arch:x86

4b795511c50e4f739faa2199229f7239

Code Sign

61:89:5a:b2:c3:32:db:58:b3:9f:5f:a1:a8:dc:61:f1
Certificate

Issuer

CN=Root Agency

Not Before

09/06/2009, 17:22

Not After

31/12/2039, 23:59

Subject

CN=xfish,OU=WWW.CeleWare.NET,O=CeleWare.NET,1.2.840.113549.1.9.1=#0c11786669736840686f746d61696c2e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateMutexA
CreateThread
ExpandEnvironmentStringsA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryA
lstrcmpiA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 512B - Virtual size: 243B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE