3ef53ae5095ff826f98b48ade732016a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ef53ae5095ff826f98b48ade732016a_JaffaCakes118
Size

156KB
MD5

3ef53ae5095ff826f98b48ade732016a
SHA1

317690a8e96f0d0e474d30a172bc0f1b209f0dc4
SHA256

8b78a11ebf62775344d77d19d313245fdd57fe302a1d5724f2477af41376c6c6
SHA512

75abb5d22f73f957306c2e38d10b7f5c74fa5e4156d4d4bab8138b2e730f6fa5bff928caa2fbe8e46fa91c536a36028824f26b2a6cdf5716d75d4ddd8cd24317
SSDEEP

3072:eIfi6M+xK/py1n/qPsGmTQzY441L+O/4MPR+fNy8grd0rS4D9ZyOtuV5fdfCEjGX:eN6M+xapy1n/qPsGmT0OL+bkR+Vy8gr8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ef53ae5095ff826f98b48ade732016a_JaffaCakes118

Files

3ef53ae5095ff826f98b48ade732016a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ