431714c266b155f03d9f75c8b7c069fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

431714c266b155f03d9f75c8b7c069fc_JaffaCakes118
Size

789KB
MD5

431714c266b155f03d9f75c8b7c069fc
SHA1

b418f477228384e3c1847c0d87348dbe2dd73409
SHA256

a4eec99ddd0b1d520fe9c82ed1816324e32b69cbe283c0ba82c3f3e9dc2f16ac
SHA512

42772098e3864df4165ac53dcb2e9ad03b01eab9197d399449daabd7d2b7f7438f18e872c3f5a7af590f1847d5d9555b0ab9c27d1383e81d301a2ec7bf582f2b
SSDEEP

12288:NRwhexZFt2DOwyrWfbcHYrAQLR3H+8bRTCzvFDbVvU4Q:DC291wdyYrN0C8dDbVM4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431714c266b155f03d9f75c8b7c069fc_JaffaCakes118

Files

431714c266b155f03d9f75c8b7c069fc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 679KB - Virtual size: 679KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ