24a19a35a86d356d97bab2ae424b4b1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24a19a35a86d356d97bab2ae424b4b1d_JaffaCakes118
Size

692KB
MD5

24a19a35a86d356d97bab2ae424b4b1d
SHA1

d85d531fa86c6391d7540a3269f6ba82721103b2
SHA256

247d0c48d141a98760b65183fa0395c507486731366438278f0b5ef5801a2425
SHA512

95a619ea6421e9a2c250ef814a396f2b9c6241eb8820dff53cf619397c125429fdc487dbaef16f53653e13717d154d376ffca0faf25812e86d7e36ce18e5c312
SSDEEP

12288:wMjLqbhmNlGX4U+9Www+mN6MT6fXxZqwwv9SXY6ObvFUWt:pW1mNA4H9Wpn6aQwv9SXY6Obvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24a19a35a86d356d97bab2ae424b4b1d_JaffaCakes118

Files

24a19a35a86d356d97bab2ae424b4b1d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ