31175b63cd36bb01d073e19efb1a4c5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31175b63cd36bb01d073e19efb1a4c5b_JaffaCakes118
Size

608KB
MD5

31175b63cd36bb01d073e19efb1a4c5b
SHA1

05a56792a898654106f3a3c76892b307d6a438a2
SHA256

58d90f57d8150eac6e8d62202fbeac50be59370ff6e4b5f3edbea5937368154f
SHA512

982a8f97eb6bf4f253d8201f512d1732f64cebb11c633e00db441928e083d4b1bfa5a304930ea49899fd7ef50cbe0e8e9ed3bd9676645c682a90353b891de3c0
SSDEEP

12288:4pIt9HX65cspWkY5DARyLuaIg3QaoOrxnfkqz0x/:4etFXsoB7LGnaoOrxnfkqz0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31175b63cd36bb01d073e19efb1a4c5b_JaffaCakes118

Files

31175b63cd36bb01d073e19efb1a4c5b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 511KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ