3d28bdacf9b3ddd38195e3bc9abca6a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d28bdacf9b3ddd38195e3bc9abca6a4_JaffaCakes118
Size

96KB
MD5

3d28bdacf9b3ddd38195e3bc9abca6a4
SHA1

26d1df790f673494acda1b0946e8091942a392da
SHA256

2f451b1fe28060e8c6992b8efa7948f4cc963dbd7d6f2395a31488899e84ed1d
SHA512

36053e24241f9d5a93ba214b675033bca5c8fb1307ee04ccf49e11e21f6e46a01dd8f876e4b483fd973d7153985a97a20f3ce68504c08e169d1a584a1e5f89aa
SSDEEP

1536:luZeAj1jmL7mskH+pHMyXkuePl6TZeykf1jr9MzrIUrD2g8Jq2zNBFSo:luZeAbskHwMyUue+4yE39yrriTXS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d28bdacf9b3ddd38195e3bc9abca6a4_JaffaCakes118

Files

3d28bdacf9b3ddd38195e3bc9abca6a4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 279B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ