26e81c6a692a0b69c1d8fb1d2fc40611_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26e81c6a692a0b69c1d8fb1d2fc40611_JaffaCakes118
Size

30KB
MD5

26e81c6a692a0b69c1d8fb1d2fc40611
SHA1

17eaac39ff4958dc18dffa445d9efbbc5bc52918
SHA256

84ed6499ad7d20cc2118570c56f93cfd2ba536a1fdc47f34c3c351d20d50dd22
SHA512

4c470e6205f24a8bf693cb74d9d563ec75ba6882a451660c6f9d9d42140c10fed3cd0f07b1ac529804b85ab6fda9460afd895f878b999e2ad3736be8b9873164
SSDEEP

384:sNNe06t9hcyL6sPCwajAxkkHsZLEip1ynHew78TvHnVeW9FYQwiXxwrvmwlXK8le:8eP9htmkHsbp0nHLEvHVe62Q5GvX7l2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e81c6a692a0b69c1d8fb1d2fc40611_JaffaCakes118

Files

26e81c6a692a0b69c1d8fb1d2fc40611_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KJHJKFDSA

Sections

CODE
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ