JaffaCakes118_b0705927f9f2aaf27d35655f5919414ec1c2b40ed7cb47287c64e99477a3c740 | Triage

Sharing

General

Target

JaffaCakes118_b0705927f9f2aaf27d35655f5919414ec1c2b40ed7cb47287c64e99477a3c740
Size

573KB
MD5

2a82506aabdbe1f8f1df742c3a118603
SHA1

716bf12fe7b3be72c9ad9de18a7eeb67b5c35ffc
SHA256

b0705927f9f2aaf27d35655f5919414ec1c2b40ed7cb47287c64e99477a3c740
SHA512

10ad4a7f88dd1d2e47f967aa1ec7f0c468e90fbd388f72734726586bc31e17fba7dc6f6774152ddf3837a7372737115b9bfad66579e20d57765eb20f95a4b0a9
SSDEEP

12288:KZH7ymEvGjVj2VNYz6GC25e9+eqermKANUQZNrNzW6Tbh8EGpnMqBK0xZe:w+DGR3z6GC251fChAzDNzW2hnsnBK0x8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b0705927f9f2aaf27d35655f5919414ec1c2b40ed7cb47287c64e99477a3c740

Files

JaffaCakes118_b0705927f9f2aaf27d35655f5919414ec1c2b40ed7cb47287c64e99477a3c740
.dll regsvr32 windows:6 windows x86 arch:x86

2989694cea1fcb1f307bb74d635f01c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForMultipleObjects
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
WaitForSingleObject
GetLastError
DeleteCriticalSection
CreateFileA
WideCharToMultiByte
GetCurrentThread

Exports

Exports

DllRegisterServer

Sections

.text
Size: 565KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ