1147e1ae0a5ddadee47bd9c6e1931d27_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1147e1ae0a5ddadee47bd9c6e1931d27_JaffaCakes118
Size

973KB
MD5

1147e1ae0a5ddadee47bd9c6e1931d27
SHA1

281c4387c831b6c49da37503b80be5e3d3ac32c1
SHA256

daf8ee77ca585f4c31b81457834a95a19e774162d56715ecb9cd1eb9baecb36d
SHA512

c11a9325846b31feebcc137096d3215ac50d3bb7c83be8a43b57ca54f70ddc55b1d3369f164fe8f40954c8c5fb587b172f8156e39459353591057872c4537a94
SSDEEP

24576:dUqVplYpzQyI289iNzNA67QxKIB0iBn2Zr3zRGOSYJ6qvXHLJYMTSsA2WuDq0J:yQUzPmn2PGzYJ/TJgsVDvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1147e1ae0a5ddadee47bd9c6e1931d27_JaffaCakes118

Files

1147e1ae0a5ddadee47bd9c6e1931d27_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
start

Sections

.text
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 285B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 657KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ