2fab81c77a6e8d2d06bfdd3ccb40a9d3_JaffaCakes118 | Triage

Sharing

General

Target

2fab81c77a6e8d2d06bfdd3ccb40a9d3_JaffaCakes118
Size

558KB
MD5

2fab81c77a6e8d2d06bfdd3ccb40a9d3
SHA1

8748dd1fc5a541aa2d9a345b8478d03935b13ead
SHA256

6406c3ae90c47d1d401f61bf7ff42aa4b97f89a61a698a19ad8a324a140c5ee9
SHA512

b611ed543f93c782b30edb4d7cdff9ca3f380fa20cdc50162d9e4f4dbec8fb04f8026ab435cec2a56b71a626b1aa6c7ab562a140ab881e1b077beda86524c469
SSDEEP

12288:wQt+YuteVRVmUX83NYrqqU0dGQq3w0hTdgIz:w8IMRVrONSqqFGQNITdgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fab81c77a6e8d2d06bfdd3ccb40a9d3_JaffaCakes118

Files

2fab81c77a6e8d2d06bfdd3ccb40a9d3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

CODE
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ