f388280e5b08da6adbd20b4bcec40af2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f388280e5b08da6adbd20b4bcec40af2_JaffaCakes118
Size

31KB
MD5

f388280e5b08da6adbd20b4bcec40af2
SHA1

b71ff587329a5050a66d462de0d494f3b2b6f4b2
SHA256

82a1ea6b9113c1f0907dc5dad90d0fc6c797620372895b1ecfe45d0fbb3fece1
SHA512

bc205da34fc5005083ef85e9b7df9f185b32ede3196430ed9512b054dcb7507aa1a561b5c36b5b8bb8b689462641cea4a87ade4d54e6b50c110c402efadad6b5
SSDEEP

384:RNNe06t9hcZmDYDj8Q38+OKNRDfs9NmbKK5b+JGmhxYQ8fIHi0k:FeP9hw380lUN0KO8vYnfwo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f388280e5b08da6adbd20b4bcec40af2_JaffaCakes118

Files

f388280e5b08da6adbd20b4bcec40af2_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
lkgdad

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ