426ad17e41808abd00ce9e665d0312ed_JaffaCakes118 | Triage

Sharing

General

Target

426ad17e41808abd00ce9e665d0312ed_JaffaCakes118
Size

912KB
MD5

426ad17e41808abd00ce9e665d0312ed
SHA1

642ad42d8d4fcc8ea899836f441ed36e742bdad0
SHA256

0e6e12cb17dc77e7da584c440d61079ee4b4dd691c42a2bbf1b18c6a2b84a9a9
SHA512

ff9c634211bb127d51f24333912ead07b7bb6e34ebfa995895d1266bae43e0df213390f9ee39dc378c27c31d3b609fb4c150360707350d2d13bccaa95f30d811
SSDEEP

12288:4+wIniNbpYmem6EruAYXgRRXCGItjJSimDKrLn9R4p/hD4rHByUlCF2:ffMpYmNrunX2XCGI9JSr8/c6hyUwF2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
426ad17e41808abd00ce9e665d0312ed_JaffaCakes118

Files

426ad17e41808abd00ce9e665d0312ed_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 678KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ