0091e4d9a1abefdeb2afbd8b0b5d97e6_JaffaCakes118 | Triage

Sharing

General

Target

0091e4d9a1abefdeb2afbd8b0b5d97e6_JaffaCakes118
Size

624KB
MD5

0091e4d9a1abefdeb2afbd8b0b5d97e6
SHA1

b54e0a83aa6cf9f428476d1d7e95e8d52631c8d4
SHA256

58e2e652ed7a83b5c2b04d00a937877c1d810f9fe34699f5741f7d2340bdaef4
SHA512

260a1f9dd9575f0cc72bd62eefc4884801cd5c64ea1f0c2f2d662d9cb2c321ad79bd1f21e67b30c40b3701e5f7c27b21761e64041f188442db2f50c901a15426
SSDEEP

12288:QhE5x7eVymanr9jJtZN7ytZopEDfXKtopn7Bx5:9ekjJJ7ytepEDaS3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0091e4d9a1abefdeb2afbd8b0b5d97e6_JaffaCakes118

Files

0091e4d9a1abefdeb2afbd8b0b5d97e6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 441B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ