10256206e6c3c3af73f8d59e754e18c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10256206e6c3c3af73f8d59e754e18c9_JaffaCakes118
Size

678KB
MD5

10256206e6c3c3af73f8d59e754e18c9
SHA1

da0d8561cbfa28a8e752b4123cf0e19ae3057286
SHA256

b9be2a5ad99dc925a8854f140ff7f630e1c0d20a53276026812229bc79b3e115
SHA512

06578236d5ab35ae34212d6370968cd84f359591c18b5e1cd7bb5bd21a30ec7bdcfb089ec05f8cbf7f58757a1a9d83defd821703fa9a3ac2480671da76d870fa
SSDEEP

12288:5M375NQZJdNRV4EcVZSSHxYvp2exwImrKY9fMX20:uHUJdNkEcO9sexwIGKYGX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10256206e6c3c3af73f8d59e754e18c9_JaffaCakes118

Files

10256206e6c3c3af73f8d59e754e18c9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 581KB - Virtual size: 581KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ