44940eb19faf21c67800a2411ee7c575_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44940eb19faf21c67800a2411ee7c575_JaffaCakes118
Size

31KB
MD5

44940eb19faf21c67800a2411ee7c575
SHA1

92d0c52db1f74b18252007533e4153a8aa20f749
SHA256

53151d2f3744cf079576e383d4657ba5120279f483537fc4a1078c3b767ac322
SHA512

0f0267b74755b088b842afd1a0ce7c531c824713865e7a95e2d57946b8a03781f9b5be5f50b343823cfd1a93ee2e970685626de8d6115ffe76ddec7839f34007
SSDEEP

384:wNNe06t9hISIEDtUAkXShrhek3h175FgKsj7oL3pXnF5CGxe8lIHmrFTn:IeP9hrdMKX3H75KzjY51pBlwq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44940eb19faf21c67800a2411ee7c575_JaffaCakes118

Files

44940eb19faf21c67800a2411ee7c575_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KJhjkFdsa

Sections

CODE
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ