0028ba4ed6fa12fdb1f554838167f763_JaffaCakes118 | Triage

Sharing

General

Target

0028ba4ed6fa12fdb1f554838167f763_JaffaCakes118
Size

248KB
MD5

0028ba4ed6fa12fdb1f554838167f763
SHA1

691f168b83eb4e1be836abe06a4cf20544bc2cee
SHA256

38bff3a57289b8a5305d5675e2c48195905588e738c2e7de4b3ee2725b6d52b8
SHA512

e8a30260e7f71aa2247b52a91d48dfa9b2a689254119c774f23a7d3d7018a7cbc4846afbb57d3cf3d0b533838c5c10f755b4fd56cc9bda10bbc1d131d50c61f3
SSDEEP

1536:P50Km/LE8t50Km/LE8t50Km/LE8t50Km/LE8t50Km/LE8t50Km/LE8t50Km/LE8:zp8Zp8Zp8Zp8Zp8Zp8Zp8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0028ba4ed6fa12fdb1f554838167f763_JaffaCakes118

Files

0028ba4ed6fa12fdb1f554838167f763_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
kJHJKFDSA

Sections

CODE
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ