fdcf0f4bb1d70b69f02865ea2d3e31cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdcf0f4bb1d70b69f02865ea2d3e31cb_JaffaCakes118
Size

609KB
MD5

fdcf0f4bb1d70b69f02865ea2d3e31cb
SHA1

45cd7390bef43d1984f8035c14974acad55906fb
SHA256

6339d94a8d27df42aaf2b6a36290c17a3cb4096d6a0585513bb419195d013f6d
SHA512

a75e10ef56939ceb1e4ee0d35f6adbf410440aedb7ebc6b833f7722a228a57bb8a4c57ad4db30981a1e4e9ae6cd42ce67084a7dd7f205cfb114d6e7f27125a79
SSDEEP

12288:AAFp96Ffv/aX/tOo0O00w8NJidSCnTLtb7Ny4wJi8VBwxHeIBv7pj:FFv6piXQob009qSCXpQ4582eIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdcf0f4bb1d70b69f02865ea2d3e31cb_JaffaCakes118

Files

fdcf0f4bb1d70b69f02865ea2d3e31cb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ