3e64663a5e0f7d132dbd83e79e471065_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e64663a5e0f7d132dbd83e79e471065_JaffaCakes118
Size

889KB
MD5

3e64663a5e0f7d132dbd83e79e471065
SHA1

a66597d2a39734b45361e75967ea6affac1efe75
SHA256

d0a36b6ecc84cf5dbfaa9af4dcd1177bbe1c41185b6a39226f412633973ac1a1
SHA512

ce9eee73d47720e419e9b80374c3fa9899126d0effb2188e5429bc5d9cd950f5e80d8ae1aa2bf413da1f65aec94656eae2a74cb1c3c3061a8e9cbcc3b6d322ff
SSDEEP

12288:pwScAcHkIZTN1hhP5bVA4lKSqVgxKOVByrQPifFzdmz+BuYCNDs7uvsvb:m7Lk4hhRbe4USygFmQkNe+Msvv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e64663a5e0f7d132dbd83e79e471065_JaffaCakes118

Files

3e64663a5e0f7d132dbd83e79e471065_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 776KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ