ea2bcb71a31e0e64cd8ac394facfa635_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea2bcb71a31e0e64cd8ac394facfa635_JaffaCakes118
Size

766KB
MD5

ea2bcb71a31e0e64cd8ac394facfa635
SHA1

083d4a4b77bd6b62894fd263f4cca87495360cf2
SHA256

e1841e9a8ad3a319ad5520f890c16c2cd15afa2b0dfe475aacab247e5f1bf14d
SHA512

4227232600f8f9eae0009993fe7d9711dba2ce09e8c1c3e623c6d4c84eb995823e63d5a8117dfc38ada8aff05e612279ba12cd2d51c7de42d537d8f1977679a5
SSDEEP

12288:UHCqAM6vj721fUXMgf1PuLpHz9vw8Gjk2Pm7WbXO1iIjt4VN00jLryMl9:UiqTyO6dMLvwosm7oXO1iut4VZl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea2bcb71a31e0e64cd8ac394facfa635_JaffaCakes118

Files

ea2bcb71a31e0e64cd8ac394facfa635_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 494KB - Virtual size: 494KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ