f3023c08b21f147fe30758d1b516d64c_JaffaCakes118 | Triage

Sharing

General

Target

f3023c08b21f147fe30758d1b516d64c_JaffaCakes118
Size

99KB
MD5

f3023c08b21f147fe30758d1b516d64c
SHA1

14e83612f1b314143ebae40bc44a745846c5d1b8
SHA256

c6e380949e5aa4f040a79835636eb15a4cfa31e3993b62669e714200cfe06033
SHA512

fa33aea213703ae74624c532dc8f0a7a6e517b7601b90c12df511881c36ce34ebf5d443c091be1b5b247f302f97e3ac90379880ec9ed7b9b288ad7d7f089817a
SSDEEP

1536:hYAqPeEGw7AqVE7Uu2TNb6RAWzkwj+gBeylyAi4zzXOfnFUcI0crbjUj:Z9XBKQj+gUyd3efnF1ArbjUj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3023c08b21f147fe30758d1b516d64c_JaffaCakes118

Files

f3023c08b21f147fe30758d1b516d64c_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ