2f313035003c7c2b3eb0864d59b6d833_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f313035003c7c2b3eb0864d59b6d833_JaffaCakes118
Size

37KB
MD5

2f313035003c7c2b3eb0864d59b6d833
SHA1

cdfbe89d5d59e852570ae361e838a538ca3dc6b5
SHA256

1c7cd50113f6c1098feda383cefbb07877dc90031cf34559015d7a0d53d6623b
SHA512

90a6763c7410364819ab300ea92fb52d7aeb10812b7d38a36195e552464cfe627c2e048189e5ca3e93aa752b9a8fa5aaba65977bc1a06a3bb784c79cf1ce89de
SSDEEP

768:R3I/QHrfBIqTP9xu7KmoWiQuPUldIwnesvHR:CoieqK9Kjf5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f313035003c7c2b3eb0864d59b6d833_JaffaCakes118

Files

2f313035003c7c2b3eb0864d59b6d833_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
drtryu

Sections

CODE
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ