1c1f86ab786dea50198bc628fed7fb99_JaffaCakes118 | Triage

Sharing

General

Target

1c1f86ab786dea50198bc628fed7fb99_JaffaCakes118
Size

248KB
MD5

1c1f86ab786dea50198bc628fed7fb99
SHA1

9957327cafc7bfb282205c49158329919d43316a
SHA256

467d15eda9765127c45663af704636bcdf3d930a1bfd5a51f86c50f35f41ab78
SHA512

e3f4ac15a633735d38acea2a30eea72b9744c355767831842be0ca5f1723ca131fde00eef9a083ea01f8d7d832de40c00cf151eb47aa760d09ef5a8c70ba3f3e
SSDEEP

3072:1NmeLQIR1DNmeLQIR1DNmeLQIR1DNmeLQIR1DNmeLQIR1DNmeLQIR1DNmeLQIR1:aaQAWaQAWaQAWaQAWaQAWaQAWaQA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c1f86ab786dea50198bc628fed7fb99_JaffaCakes118

Files

1c1f86ab786dea50198bc628fed7fb99_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gfdhtr

Sections

CODE
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ