f4b9b69424e224eca5f74b368b3fe394_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4b9b69424e224eca5f74b368b3fe394_JaffaCakes118
Size

236KB
MD5

f4b9b69424e224eca5f74b368b3fe394
SHA1

15688fe5f06403fe0c742a771bd1ec9cf31e7fe6
SHA256

5b1fb0acda79becf82ab3b31488d92c71b51391c46ef5485f6d09d873e1b90e5
SHA512

af65c4a44f89d373da762853f77764e23915e3369612bd3ca48d5abbf18088fa9c24483bf7e1e32e3f39dc81880102a4db6d51db186e0dc27beb59adcd8930a9
SSDEEP

3072:ul9Bm6b0jSrJQ/BbjCO1u0GhDruYLlASnlj3qSXY:ulelgWEOWxldlj3qn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4b9b69424e224eca5f74b368b3fe394_JaffaCakes118

Files

f4b9b69424e224eca5f74b368b3fe394_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ