40fee0ce581a9400856af060733d9bb0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40fee0ce581a9400856af060733d9bb0_JaffaCakes118
Size

305KB
MD5

40fee0ce581a9400856af060733d9bb0
SHA1

ac6a6dfd3bdb5f6180d0180bdc73ace8922c0e69
SHA256

2caf87c14be0fd726d2c701092770ede85bb1e88a12ae3b9c9c17e98c19cec2c
SHA512

f5d9c646988cc30a98db7f03d28ec9e018961e7cba2075ad9f4c4b930b90cbdd442a63fc406a7c2fa060df81de421c83de4e768f1bce89e70d0ac5ed06ff7dfd
SSDEEP

6144:26hE5OTeMH3YBfrrTMF74mmhboq90EDfXFwtooLyB+y:26hE5OSMHoRfu78ZoXEDfXKtooLwN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40fee0ce581a9400856af060733d9bb0_JaffaCakes118

Files

40fee0ce581a9400856af060733d9bb0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 245B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ