2588bd605db405e882d2c1d284e49e7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2588bd605db405e882d2c1d284e49e7f_JaffaCakes118
Size

728KB
MD5

2588bd605db405e882d2c1d284e49e7f
SHA1

7b80e03378abb15ae69baa47d75f1a26ea8a81c4
SHA256

2f5ba7a5f0367004375cf63098c991e7662300dd999c8a8be63370ab5eb9cca1
SHA512

fb27c869fdb3f1fb49637a274eb74c4a199ef3b1f49e3d1061d71358293a4ce8ec7c6443be2de01434cc66f11f23112b0f7548282ff4f1db70d7f3a9bf12175e
SSDEEP

12288:4NSjUr5R9OnflZ9MzAVLKhmeWQ8LtJxOR2uh443Mi7EncK6/yE:USArNstZ91l0ILFOR2uiClScF/y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2588bd605db405e882d2c1d284e49e7f_JaffaCakes118

Files

2588bd605db405e882d2c1d284e49e7f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 619KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ