2ecd51b9e361b8f8168a05cf4499559c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ecd51b9e361b8f8168a05cf4499559c_JaffaCakes118
Size

592KB
MD5

2ecd51b9e361b8f8168a05cf4499559c
SHA1

ff84babc1ab92034948e74544f3fe96e132feec4
SHA256

c81ffd6f6db2c3535adb379240997be1c19ff650b3204548430173a74021f2d9
SHA512

b8bde5b0763cadf0b1cd042961daab4e3c4110bc86739f360e16068de961e8e3a794e7e0f3f5663afb702ec9a6c7bdc6537a037962a4dd998ac03e2734c84f7c
SSDEEP

12288:K71hE59TFymanrgLlXl7ytZopEDfXKtoGon7BIFC:hBLlV7ytepEDaSGfC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ecd51b9e361b8f8168a05cf4499559c_JaffaCakes118

Files

2ecd51b9e361b8f8168a05cf4499559c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 437B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ