3ee01a29295b95991f9fef6505126974_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ee01a29295b95991f9fef6505126974_JaffaCakes118
Size

100KB
MD5

3ee01a29295b95991f9fef6505126974
SHA1

9d8feb49b7fc8edc1f171d8059263605e89981e7
SHA256

79b6e6c5e2229bcddf0697265d99b062b8ea3de830e99b229fda1bc1caf4662e
SHA512

5914dc9db9a9dab154cb45cb2acc7e68575512000681afd04219c87548d153849824ed1fde2cec7a1d12c7b56c0d2084d563e827f7c69f359a42db66f41a3e5c
SSDEEP

1536:2Mao7IJOGjI76QVbn24iFB+oGvIRQ/IU8QB47Sie9oaeiSh4nbB7GdRsamKiFFBZ:2M1oOGSV24iXiC1I4GxZTeJmHFPswJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ee01a29295b95991f9fef6505126974_JaffaCakes118

Files

3ee01a29295b95991f9fef6505126974_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

97bdfe3e6cf036b0a62395a20d76e9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCommTimeouts
FindResourceExA
GetProcAddress
RtlFillMemory
WriteConsoleInputVDMW
LoadLibraryExA
OpenFileMappingA

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInit
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 96KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 438B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ