3d9c559f8e88662474ad6ad73a681b35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d9c559f8e88662474ad6ad73a681b35_JaffaCakes118
Size

439KB
MD5

3d9c559f8e88662474ad6ad73a681b35
SHA1

15cf005ad9826f11ec3046cfc6cdd8ae5a46a4ce
SHA256

a5f5fb1f9696a5d32b8bc6180cdacf3348543da0011cc6ffeea3eec0c163bb36
SHA512

a0fb2af44747746e8e7bc274e48e29a98a4aee70984a76b5e158856b6e3e2c0ce0e69b37769bc58ef3e375a10f41b7da60e6fcbf7402e7b9283a20a22183e5ba
SSDEEP

6144:eBpxf38bseXaX3E74s2dUwyZY/7DvYvbvBHFc8k71fhATJpVdIfei0eAWsJvbwEP:IDf38blKX3Er1LXk7FuTs2LeHsJzeZwF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d9c559f8e88662474ad6ad73a681b35_JaffaCakes118

Files

3d9c559f8e88662474ad6ad73a681b35_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ