1c1a2b6598cf6d44c73141cfbde8f953_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c1a2b6598cf6d44c73141cfbde8f953_JaffaCakes118
Size

438KB
MD5

1c1a2b6598cf6d44c73141cfbde8f953
SHA1

4c674a7001aa863377bb5f44380d7c4f954a670f
SHA256

c14a2c037133adc1ff34b714edc83d387ff16298f34b0394133f5a195452dd96
SHA512

4b5bf708c907eadadf45c3820c9b942131a24f23c6e99aef3d885ef766bbadf5941989fded1447da1b0c24ba08a121a1204aad90f21af636fad3f7f29dd73457
SSDEEP

6144:eZ+3xd40imiligpQMTRPmK/9PmYvieYdnSjLJGIIZVdhycFhKfdg1ZL8NK4WEo+m:1xd40XilL5VBLJd43FbL8Y/+ob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c1a2b6598cf6d44c73141cfbde8f953_JaffaCakes118

Files

1c1a2b6598cf6d44c73141cfbde8f953_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ