21407c59b0c8c9699ea9fae05166bd1f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21407c59b0c8c9699ea9fae05166bd1f_JaffaCakes118
Size

644KB
MD5

21407c59b0c8c9699ea9fae05166bd1f
SHA1

72b9039b68c2cedf7612f685b10225390885d21e
SHA256

d3270c45adf6647088d9dd054781b053c9fd476ac33f9d1766362c5b2308359f
SHA512

be22bc447ca665bdaba1483482728c48c9954846f691f6e7bc2c986fcdd8af3472d030580cdcb01159efda41b530e3d0470de9138c0b9e1d3916ae5307f842b8
SSDEEP

12288:oviGqB8vFJySCXSs9/NAolnnMATPxhOLgis3exmavLkwHeIBv7pj:o6Gw8Ty3XXplnjlhOLgis3aHLjeIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21407c59b0c8c9699ea9fae05166bd1f_JaffaCakes118

Files

21407c59b0c8c9699ea9fae05166bd1f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ