283b6bee3acdd3ac5e34b4d879e07c15_JaffaCakes118 | Triage

Sharing

General

Target

283b6bee3acdd3ac5e34b4d879e07c15_JaffaCakes118
Size

531KB
MD5

283b6bee3acdd3ac5e34b4d879e07c15
SHA1

9f28748b25445ba303d566f9b35e5ef61819801f
SHA256

39cf08802b86a1c87790f7b1522b98d6ccfad6d2cce9eda75d9805e8795a7850
SHA512

9aca18a257bf3ae206027c18fcfb962229937f457a5c00c167eb660ef3b84dc3f35396ff8de808521efb41fc97908c67db75d84744abda3c3d65a5a45e6f4f69
SSDEEP

12288:y1D8HuJuysLILb3Gg/4yVHpD7FKkE6LXyATIr:eqFDLI/2gBNpD7FKkE6LiAa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
283b6bee3acdd3ac5e34b4d879e07c15_JaffaCakes118

Files

283b6bee3acdd3ac5e34b4d879e07c15_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RunOptions
RunProcessLog

Sections

CODE
Size: 422KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ