ed637dfc3d7876c5580ee9a618517592_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed637dfc3d7876c5580ee9a618517592_JaffaCakes118
Size

621KB
MD5

ed637dfc3d7876c5580ee9a618517592
SHA1

2ed3dc74d7bffb28838b382a581a6b71cff5aeca
SHA256

e9378c9d5fa81cf758f63eb6c0166fae95fa59b2db9adb6103dc2aa80811d725
SHA512

1598d02b86a484d8998c26fe6470ef55ba92e2b41abaebefa6b7f28e136069198eecc2e0533c2285fb5110aa990e21a2d896151cfa8693cde573c3e71b78e9bb
SSDEEP

12288:e2GKLE3bZzwwJj7ihmQywEar3/THmmF0B:e2xAdE4w+wnTTmmi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed637dfc3d7876c5580ee9a618517592_JaffaCakes118

Files

ed637dfc3d7876c5580ee9a618517592_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 534KB - Virtual size: 534KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ