38d0f6810db4495ad803d442a91af595_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38d0f6810db4495ad803d442a91af595_JaffaCakes118
Size

144KB
MD5

38d0f6810db4495ad803d442a91af595
SHA1

5e3aa06ddc78eaec05ea222503ac2296c7a474f9
SHA256

ec9faeef9e31921a3f59b2bdef8c3f8bbfdaf27babed4bf7eca23925ec370810
SHA512

90e8bd2b0c17aa9107b26e9cf0f9525ff7cd4a0d53757bf54b03c1b081850761b841420eea968b846b5b72669dffea60010c9ecda5fad6da8b76adc42ff031c7
SSDEEP

3072:DAn377zXeK1kMDlyxcnTMnQ9uVn0bGaTm0D7Neo:DAn33CKKGnTMSuVnTgDJeo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d0f6810db4495ad803d442a91af595_JaffaCakes118

Files

38d0f6810db4495ad803d442a91af595_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

CODE
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ