36f0a7d47fdbf46cea819a1ea6ec1a69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36f0a7d47fdbf46cea819a1ea6ec1a69_JaffaCakes118
Size

1.1MB
MD5

36f0a7d47fdbf46cea819a1ea6ec1a69
SHA1

2c6d9be3399a3a1a59e1cc52e0b3414fbe46ee5f
SHA256

0f2792b51248270bf3a0f31c277814982da4299f5edd1cb049fc13b2f0954c5f
SHA512

aee15b3ff51612a3255d3193dfe40e6ea71f9320c1cb9f9420de94229306b26ee18f5462c8d36f05f41bf55c3a2a32060ed1fb14b2c40c67faa02654c43934b7
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00P:SuNZ7Ib8ZBL2/XQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f0a7d47fdbf46cea819a1ea6ec1a69_JaffaCakes118

Files

36f0a7d47fdbf46cea819a1ea6ec1a69_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllRegisterServer
ServiceMain

Sections

CODE
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ