051b4c3af3f5cc240e8193c8829de8e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

051b4c3af3f5cc240e8193c8829de8e1_JaffaCakes118
Size

494KB
MD5

051b4c3af3f5cc240e8193c8829de8e1
SHA1

9d65a651119d18b4170d702bc51d5c16593faf62
SHA256

a174ba7188b713c99e1ea8250e1e669726f3718c3cb7c162f0a1e066b3ef8a19
SHA512

a59c2cc83d4af9be12ae9bdb45bb6aff75e6cd5c3102fcc356c888430764a0e3d9162fad449c90c96b5d548f54554b04138ec83bfe3b140addb831b27c961549
SSDEEP

6144:rH6tR0KfdOgM5DltnsT8/4RDYvC3p5yEv9WKxQaKaZGxt7FLrqxEosXBr5XpHEcX:wR0KFOgM2vvWlaK0xETXjlXDb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
051b4c3af3f5cc240e8193c8829de8e1_JaffaCakes118

Files

051b4c3af3f5cc240e8193c8829de8e1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 415KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ