31bee26a391dd93212cb1a0842a360a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31bee26a391dd93212cb1a0842a360a4_JaffaCakes118
Size

619KB
MD5

31bee26a391dd93212cb1a0842a360a4
SHA1

fb5d806c797f50ede7902fcde6f48fb90ffb72c9
SHA256

9899ce463124f171914364d617c8c57f4b00c1b27661b70167a4c75f76d52c7f
SHA512

ab7d3bec27f78ce37bb15ec499704012f344713349780a18b7880cfa017b48f417136b6d012c48068d2f55edae2d75758b924c6ef121dfced6d742a727e4852c
SSDEEP

12288:ohE5CltxS/3k+VdYwZo6EDfXKtoZn0G7BxJeL/0jU6f6SFEQ880GLZ06QyIKZWNs:Nk+cwe6EDaSZxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31bee26a391dd93212cb1a0842a360a4_JaffaCakes118

Files

31bee26a391dd93212cb1a0842a360a4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 453B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ