3cc07f8036df0590970ac1966c64ec83_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cc07f8036df0590970ac1966c64ec83_JaffaCakes118
Size

568KB
MD5

3cc07f8036df0590970ac1966c64ec83
SHA1

80b89a1ad0b2412b9a0c95fe61a6fe3ab1858fa2
SHA256

b294a330a9c6e250fb92b59477dc5b7881641e95b72420a93ec8a0aaacb5cd70
SHA512

bdb8b9332a3c659b619af3b7b36914b005e800dfdabd1d7180dc81c69b570d0f1553c979b37a2cb229dc7a58a30909b9d77143af5b5b5d9e0be81cd152f8b4fd
SSDEEP

12288:wHCqAM6vj9ASYe9dPSQBN9KtJ6IMLxaoSDVjEty7uKft6nXkK:wiqTyp3PSQNKP9MLxaoS2ty7T6Xk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc07f8036df0590970ac1966c64ec83_JaffaCakes118

Files

3cc07f8036df0590970ac1966c64ec83_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ