e8b701dc3c1f3c70a7b080c77045a7fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8b701dc3c1f3c70a7b080c77045a7fd_JaffaCakes118
Size

138KB
MD5

e8b701dc3c1f3c70a7b080c77045a7fd
SHA1

8fe82de02d4e821670eb96c9a63d3cc495791bb4
SHA256

94541a3fea02777e91cb2e9119a0270178f99562035999abe9ef328df14cd9eb
SHA512

7d67a4560a5eb7a7437e12475a44fbccab28411ae1d8e89f5c430608e6f3f53f15cea14b13095def26b84281b46ef0e749a2a22695cd2f5f918d168637c9f616
SSDEEP

3072:LNAyqMUHm8RbGGjvR6ZFrAP9mZIl6j018/g8y14Qy4:vJUlRRIKeE8ova

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8b701dc3c1f3c70a7b080c77045a7fd_JaffaCakes118

Files

e8b701dc3c1f3c70a7b080c77045a7fd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JSOff
JSOn

Sections

CODE
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ