047cf28d289d4e1553bf1946ab5c1c35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

047cf28d289d4e1553bf1946ab5c1c35_JaffaCakes118
Size

557KB
MD5

047cf28d289d4e1553bf1946ab5c1c35
SHA1

d47b5ffda7826f3d6d1cfbb2de4fa1442f60ea4e
SHA256

93bc99b19d17f4dc2e42d16d2a1e7f0ebd5c132652cacff4c306f0546f12539f
SHA512

898d9591c4054c440154bececec56a0aced7537abe07cd510fec21048a235820c5d03d4e2609914bb02993b79eb7ea77174d6541b283a02c332ea53fc2f98cef
SSDEEP

12288:xfWY3SBhgY+Sl4DT3xygKM/vL4lpl3UARhTUCGa7:p32+Slk8cvL6lUAPTjG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
047cf28d289d4e1553bf1946ab5c1c35_JaffaCakes118

Files

047cf28d289d4e1553bf1946ab5c1c35_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
SvchostEntry_W32Time

Sections

CODE
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ