a604ede3071be1a17ae40bdc17d1d0eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a604ede3071be1a17ae40bdc17d1d0eb_JaffaCakes118
Size

224KB
MD5

a604ede3071be1a17ae40bdc17d1d0eb
SHA1

5f5f8c4b7631fa3671a4f6170dfb401f30f7bf86
SHA256

e5ab31c1ae92e646313e30e071c94406bc07019ba9ad8409de9c4406148f6a55
SHA512

720e670cf2de55bbb1d169faf01c0a7f25a827e0d07d3de9bd08e695211d7608c478ab3f94f124b84d4e69c70419a0b284bbba63d91f300d9b28cf6cad4d4ed0
SSDEEP

3072:xp25uO8X/lLZ7KHQXbij0YpOJryWNCj3g9uSjQmBItzQIwiZ+LSS/ERH1/eGUabT:xWuO8X/lt7KkioWOtJShcaYdRzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a604ede3071be1a17ae40bdc17d1d0eb_JaffaCakes118

Files

a604ede3071be1a17ae40bdc17d1d0eb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetGoogleDomain
Install
Uninstall
Version

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ