30d2278d852b18442d47531b70ec02ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30d2278d852b18442d47531b70ec02ad_JaffaCakes118
Size

35KB
MD5

30d2278d852b18442d47531b70ec02ad
SHA1

aadad9d7d276f0d9e500a7391500e2cdd90c5a5d
SHA256

6e02aaa13844ddf9cc014fc2c3d3ee3109f20b81ee50015dda6c2eb7ae0cf6b5
SHA512

6503b3037a915a962604f20891056e268a5eac9b60ddc69df20d8f8e4d5abd499a9b087257e31482fa53b3d9945060d86505707a379957def5ca4d9a754ee4fd
SSDEEP

384:Rd+kcVCpns8sJPU3tpaWNacDt0ag2v7Hg1S33zASL/zORHsw+b+xZRn33pfv6oYg:r+xCpnd3asaSrzOukP3Nf2Ww+9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30d2278d852b18442d47531b70ec02ad_JaffaCakes118

Files

30d2278d852b18442d47531b70ec02ad_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
sdfrrg

Sections

CODE
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ