3c32984595b3229ba20d9f23ff6ec869_JaffaCakes118 | Triage

Sharing

General

Target

3c32984595b3229ba20d9f23ff6ec869_JaffaCakes118
Size

266KB
MD5

3c32984595b3229ba20d9f23ff6ec869
SHA1

f62d34669885ac182e0ff51fcf9b4cb37b8e4f8d
SHA256

f247db847a0e66cbe3817ecee93d9a5247699888da601a0c1a11444d1e2d168c
SHA512

9616472c981478dc5ac8bb3f2adcf26565b39f2489b2e0840c9c90e54294f45b698aa5f9f255282a2750f5d63c7b075234f7d058384382992a4895f58f6bb73b
SSDEEP

3072:g5hxlsmAt25hxlsmAt25hxlsmAt25hxlsmAt25hxlsmAt25hxlsmAt25hxlsmAt:Ophphphphphphp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c32984595b3229ba20d9f23ff6ec869_JaffaCakes118

Files

3c32984595b3229ba20d9f23ff6ec869_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
drtryu

Sections

CODE
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ