0e5b16df349205a67b1dbebb490d1ac7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e5b16df349205a67b1dbebb490d1ac7_JaffaCakes118
Size

156KB
MD5

0e5b16df349205a67b1dbebb490d1ac7
SHA1

44d4ae08b6493d5784bee1b1d541936247088c7a
SHA256

7e0392ea7ad9fab7af0c667f2770f1263aa022d6b14e6ac4859672d5b9a36dae
SHA512

79a91196c7c5c2b87e581a0c35eb38a74a18505dcd706eb2138a3f3240fc36ea42bcf48feaa70b7b0a6f515d4eb7c4b4e9f179dda2e2fade1d96ca6fd0ed0533
SSDEEP

3072:0Ifi6M+yZ4KBQDw3QBpq3ynj6ARCPBr+MDRpu0gP+rpEhpRxAi6:0N6M+yHceQBpq86ARCPJnmr7c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5b16df349205a67b1dbebb490d1ac7_JaffaCakes118

Files

0e5b16df349205a67b1dbebb490d1ac7_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ