0503d08c9819c2d07310eb87a527a335_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0503d08c9819c2d07310eb87a527a335_JaffaCakes118
Size

935KB
MD5

0503d08c9819c2d07310eb87a527a335
SHA1

c02ef4fbd3f39d8365672449006de9275e51d487
SHA256

e5f453a7423dbbae81db1f87ea07f54820b247970481fd80154ca2140437105f
SHA512

a40e6eeba11fd81f3d339df0879e83674abbf46b19032ab349c453d1a4b416670082b6a483e44b55da1035775f0fda13ea389430fd67cecec7911d140ebf875d
SSDEEP

24576:zOiNGJaxdbU/XbOgONQXs3xlcc7+w63OM2KcXIO+:zCExdbU/KGXs3xP7r63uKcXI/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0503d08c9819c2d07310eb87a527a335_JaffaCakes118

Files

0503d08c9819c2d07310eb87a527a335_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 925KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE