e9e6bc58f6324ec41d8b54a315ad9353_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9e6bc58f6324ec41d8b54a315ad9353_JaffaCakes118
Size

563KB
MD5

e9e6bc58f6324ec41d8b54a315ad9353
SHA1

598ba1ce1b01f294b1a6e02c8c8c16f5a8efc2d3
SHA256

031200bd28dd9726069d2ab7f872eb474e97e4716a281ef51a56860bdf33cc4a
SHA512

fe37a89a2d3f1d9d4e86b54be808a6a5be78839db7a22ecaa363b6680145ffb660d9b176b305b445b87f16ed42028c7d22c3bf9680df3dbcc5c820cae3567482
SSDEEP

12288:w0Et9YDc/Tk4Po4wSSqodPF9C2vTgYkc9Cfv45:YtWDcw4o4Ts/9CkkNH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9e6bc58f6324ec41d8b54a315ad9353_JaffaCakes118

Files

e9e6bc58f6324ec41d8b54a315ad9353_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 486KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ