2fa475e76cb3078dda103f5193e0a111_JaffaCakes118 | Triage

Sharing

General

Target

2fa475e76cb3078dda103f5193e0a111_JaffaCakes118
Size

1.1MB
MD5

2fa475e76cb3078dda103f5193e0a111
SHA1

43fb76212bb4eb9c83b1b61ef98d80fa6c9baafd
SHA256

e87a6bb6a951fd9a669a5d8fbb2333cd36dfcbe0f54d917e03c3a98caa6d9c06
SHA512

c5f07a60b0b5ace28236a041fe7c93668cbcab25945093e84094d2d1f5abd8be393a33130d351aa5129f07181755a421ff1ccca1673404787962b05a6f9a11bd
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00D:SuNZ7Ib8ZBL2/X4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa475e76cb3078dda103f5193e0a111_JaffaCakes118

Files

2fa475e76cb3078dda103f5193e0a111_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllRegisterServer
ServiceMain

Sections

CODE
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ