29298b8254edd9ac21900ee4bc6cdcdf_JaffaCakes118 | Triage

Sharing

General

Target

29298b8254edd9ac21900ee4bc6cdcdf_JaffaCakes118
Size

839KB
MD5

29298b8254edd9ac21900ee4bc6cdcdf
SHA1

e55368d5ba1ebf49a4f4d20d55404c9b7bab47dd
SHA256

61cb47da09934f4b1e3049e01cb82996b18bca3aa159f41a359d4951b3f60866
SHA512

6df6e8a236433d0313bdb163d8a44c51e9dfeecdade0c83ba61563d097c623d4dc61c3dc2ea58c7b9663cc89cedf7527f09c1acab0de7e1465063a1c088b8d68
SSDEEP

12288:EuUlSHsf2k3dlITfY2AXPkWBsF9vTyAAkTLWmyOeDH1uAWsn60jl9bOm:9MeGNWLAMpF9vGhTb1uKn6gl9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29298b8254edd9ac21900ee4bc6cdcdf_JaffaCakes118

Files

29298b8254edd9ac21900ee4bc6cdcdf_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ