f825fd0b08a5d79e5fad1e50e64d088a_JaffaCakes118 | Triage

Sharing

General

Target

f825fd0b08a5d79e5fad1e50e64d088a_JaffaCakes118
Size

120KB
MD5

f825fd0b08a5d79e5fad1e50e64d088a
SHA1

a2034bb5aa9a194fe8ae66c744c1f0b56cbf7404
SHA256

8424541d06fcf342dc8009c0d247e8c98b1b26a6f402b9803ee60a0be44299f8
SHA512

6650bbfd6c2f0fccdc47ac4aec80ba130bba15ab95c573e1f69bb4f2145e4f4dfb82ca92f243ef86332d4af11ece5edf5e8ad5aa217c851f907b4a0035c33551
SSDEEP

768:IeP9h5Sq0fnpdPT9xWwVmeP9h5Sq0fnpdPT9xWwVmeP9h5Sq0fnpdPT9xWwVmeP:IkfsdPhekfsdPhekfsdPhekfsdPh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f825fd0b08a5d79e5fad1e50e64d088a_JaffaCakes118

Files

f825fd0b08a5d79e5fad1e50e64d088a_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
kJHJKFDSA

Sections

CODE
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ