e936a2d149125edbda0b6302a5b5da25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e936a2d149125edbda0b6302a5b5da25_JaffaCakes118
Size

136KB
MD5

e936a2d149125edbda0b6302a5b5da25
SHA1

f57762293410581f36cf152d2d9a7cd193306205
SHA256

76fca7bf43f1ab29660eedfc9c49fb24ab52f9ac6a0d18bd5536d6ef4e1d38a8
SHA512

d25bbe6ac3b2ef41103bef2112bdb540c56825c1a55b961d4837df42b5b93b16c088f4d51c49af5c73caafa2b8af01069042df02e1800462b6f6c7fc9efa21be
SSDEEP

3072:tsyK57E1cRsyK57E1cRsyK57E1cRsyK57E1c:WyK57EzyK57EzyK57EzyK57E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e936a2d149125edbda0b6302a5b5da25_JaffaCakes118

Files

e936a2d149125edbda0b6302a5b5da25_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
drtryu

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ