45b605409fa327bfb2c32cf8a3ee1e3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45b605409fa327bfb2c32cf8a3ee1e3d_JaffaCakes118
Size

573KB
MD5

45b605409fa327bfb2c32cf8a3ee1e3d
SHA1

d6d8467e7c3c93290ecfe3ae647d0d846a7614c6
SHA256

d1e83a01a9107331e2566a2804740df9653d6611e744840c68a5b60a0cb719d4
SHA512

e46a8935089726c62f46d07e3939b7e6e68e18746b042214a3897394f0d8a13038232c506c5dba304135a40ae9d718c5baf9ee78f6bb0e557ed22b4d860b4aad
SSDEEP

12288:K6Jh406TwZoDrTefpJfR9AVBG+tYcZii3EeqKGEAsFin1:dh4P8yDrWLRqnG+tYodwtEhE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b605409fa327bfb2c32cf8a3ee1e3d_JaffaCakes118

Files

45b605409fa327bfb2c32cf8a3ee1e3d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 568KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE