ebe2fee1888dd414e83d2c5b35db5fc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebe2fee1888dd414e83d2c5b35db5fc5_JaffaCakes118
Size

84KB
MD5

ebe2fee1888dd414e83d2c5b35db5fc5
SHA1

694f26f28461080f0f3ba1d509dde75866bf6105
SHA256

20b3ffa47ec8b2cf73bb3e5fe23aefa97cd760750fe1d97e99562c8cdf9597b1
SHA512

33aea2b5d167ac648a9964b9b4bf631d98e398eaa8bdfa65b207ecb6d40596325006efe60cf545004e4dedadc0ce07706f736e7c1fae052d82a6e1698f3a8a04
SSDEEP

1536:nbOyI/2u09Yf5+XX1B/bZCBqiKBcyF1cYsOJ2/6ZhBZPkwKBcyF1:bOf2u09jDjgaGQZjJ2/EhBZPkvGQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebe2fee1888dd414e83d2c5b35db5fc5_JaffaCakes118

Files

ebe2fee1888dd414e83d2c5b35db5fc5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE