fddded0c45b27df0e17fe28cb91aa3be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fddded0c45b27df0e17fe28cb91aa3be_JaffaCakes118
Size

30KB
MD5

fddded0c45b27df0e17fe28cb91aa3be
SHA1

ef498cac52725c4c899cfd4bac3acd0a8e93e665
SHA256

3ec0d6fff092e02ca3248f135d123d14bbd9c11c0028cb5982a2ff3c6dd0aadf
SHA512

d2703b35f61200dd52035527cf5908e4f4a2b5ea17976ab3588f86b93e0e2adecc0a407023a4ecf679786e18be4db1f52b7ab1c1fabb05f1ea226df5ae508ef3
SSDEEP

384:NNNe06t9hcYbb5Yroq7LOZO49VXKGKBOo3dc5pB6bXoZ5SYS38WIHgQp:peP9hjWrd549VXKnOoN+pB6bs0fMWwx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fddded0c45b27df0e17fe28cb91aa3be_JaffaCakes118

Files

fddded0c45b27df0e17fe28cb91aa3be_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
sdfrrg

Sections

CODE
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ