324a7314d6b7ede7913b435c0f948664_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

324a7314d6b7ede7913b435c0f948664_JaffaCakes118
Size

272KB
MD5

324a7314d6b7ede7913b435c0f948664
SHA1

8d4f933095310b9dd1c2d20cab242db9af3d991f
SHA256

a1c00547da78ba7ddfb9ab27532944587b35e081e06bf489c5fd1f07ef4cbd74
SHA512

fc614b6efdf7fa744c0b974774037dd919a7160618cc03b166f2c9ae69e630cf4a377e5ada23dbf62225095ca327eb94a4299d9e5e7b3fa0200d608e084815c5
SSDEEP

6144:xttpUaOvx0mXDApokKRirL2MtafIblDSkLnItomF0E/vDCRaeSJ:ftpUaOvLXDA2DUrL2MtafIbJSJlcaeSJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
324a7314d6b7ede7913b435c0f948664_JaffaCakes118

Files

324a7314d6b7ede7913b435c0f948664_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ