37430889c8742a793ff81008d4811320_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37430889c8742a793ff81008d4811320_JaffaCakes118
Size

231KB
MD5

37430889c8742a793ff81008d4811320
SHA1

8b4b5ef5792ad11f4200f19cd1e0e2bb5868a3cc
SHA256

9891a734a0f5b4bb7d48657c637a79e88e67d8942979d7febf8231709c75aa93
SHA512

0f273f68514972ccde2c0b667ae442bee03c52f697055acbf5c25befa7056e6d4246e719d66a071b2f50590b7edf3d04a7bc2ab440740ab93ab88453051bdd53
SSDEEP

3072:bwQv3J+cP3wQv3J+cP3wQv3J+cP3wQv3J+cP3wQv3J+cP3wQv3J+cP3wQv3J+cP:bB3JHB3JHB3JHB3JHB3JHB3JHB3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37430889c8742a793ff81008d4811320_JaffaCakes118

Files

37430889c8742a793ff81008d4811320_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
hkjdf

Sections

CODE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ