01b206834dcb02197954e84c9bf52c75_JaffaCakes118 | Triage

Sharing

General

Target

01b206834dcb02197954e84c9bf52c75_JaffaCakes118
Size

31KB
MD5

01b206834dcb02197954e84c9bf52c75
SHA1

82a074af673491adde22d60b467de09a9f3b57ad
SHA256

b5cd7c03361a86d4eb293e8189f0b10b6275851fafe5c054240bb4d54ff1244e
SHA512

69e54a3aa991d7af96263d0b4b6c1a12d9d1fedab74a0bccce90d45b3a8d3fedcffe1a0ed039e86cafd042dd787f38def33e4c9d9a9dfb355229b6b72344f141
SSDEEP

384:SRNNe06t9hc6ifclTH3wc9MYJcVMSOs/mZuu2vGGXM936Fwovt638WIHuaO5:YeP9hPMqcVMSOkSw5Xa+Ww58

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01b206834dcb02197954e84c9bf52c75_JaffaCakes118

Files

01b206834dcb02197954e84c9bf52c75_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gfdhtr

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ