a35017f1bfb0f683e58980c9e25cca29_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a35017f1bfb0f683e58980c9e25cca29_JaffaCakes118
Size

232KB
MD5

a35017f1bfb0f683e58980c9e25cca29
SHA1

96f719a385dd2553e947543852a1e6cc8aed8632
SHA256

42eb1d9663b566d9ff528ddc8fca46e22ec34b1d0ea6077483d3d8d3e51ef5d2
SHA512

03c2a4fd9c2680a680a4e7294e54b1cb5aa90eab1099752ff74059607501a72ae84e4d91a6f8b2294be886027d4af7a096806db204912359f30483f671da4be0
SSDEEP

3072:uKGb2Z1rTVxOKmoVneg4vDKno2brpDDixy/K1FeINOrW99jka+VDMb107:RB//moVnovDElIxy/mhbjka+u0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a35017f1bfb0f683e58980c9e25cca29_JaffaCakes118

Files

a35017f1bfb0f683e58980c9e25cca29_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnRegisterServer

Sections

CODE
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ