100065a2e28e7b513692a19b89b3b685_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

100065a2e28e7b513692a19b89b3b685_JaffaCakes118
Size

150KB
MD5

100065a2e28e7b513692a19b89b3b685
SHA1

507e6f661cb70476f462e64a2deef910a3220307
SHA256

ea761c0b228c81198731a549da63277a05acd3026f033866e7737a221b2fc8dd
SHA512

8c7d59b588ed59352d6751abbabc8bef3606f97490c60cb2ca6add5b11bd93fa87b533b9c0e384c5aaed76b4f0fcffb6cf8d2461ea50a62f7a31e3907f45020d
SSDEEP

3072:7B3nU5A5sA4DRpVEOizc6f1/mhd7G6ULuIsUJAgFsorpmEaXex6T:7B3UUzMiNVLSgCorp9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
100065a2e28e7b513692a19b89b3b685_JaffaCakes118

Files

100065a2e28e7b513692a19b89b3b685_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MainExc

Sections

CODE
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ