14afb8319d7132f62edf80b8d691d65c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14afb8319d7132f62edf80b8d691d65c_JaffaCakes118
Size

206KB
MD5

14afb8319d7132f62edf80b8d691d65c
SHA1

51e2eb080c6a44dad906a68b13ee7f4bffd958af
SHA256

c811ea12317fa8ee08cbc13c18a1af0229d767f236c6f1ecb20360e63d18fd3b
SHA512

381278948c66547f6b1734cec3da551a41f80795c53b9a3f6f3a39c3f461f04c77344c27a27b108b2e20b3b9f46a5fb744395de6145c26cf2bf49af2e4f9590d
SSDEEP

1536:2kfYLQbUzkfYLQbUzkfYLQbUzkfYLQbUzkfYLQbUzkfYLQbUzkfYLQbU:Ub/b/b/b/b/b/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14afb8319d7132f62edf80b8d691d65c_JaffaCakes118

Files

14afb8319d7132f62edf80b8d691d65c_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KJHJKFDSA

Sections

CODE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ