4d2076dd0e8d75df9ddfdfebe428373f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d2076dd0e8d75df9ddfdfebe428373f_JaffaCakes118
Size

120KB
MD5

4d2076dd0e8d75df9ddfdfebe428373f
SHA1

0272f140ad16e372a717a53fdd6466c4a8a5fde1
SHA256

5c85b67f4e32e89e363294553ff852453301692a058a914f325efc3018f94f35
SHA512

5054aacd25084e681f19f48c9714032d82e22fcab5263caaa2a016f763ad78ae5fffb82def45a94626b0fca2ef1104ae86115143e32538dbf386efd1091c83c5
SSDEEP

1536:uo/O4kc2BGRcKRl6krYrIbafIlR/5abAZGbIO1Mzu66CZvE71ghJtcgT:uomIaqccD+bAZGbIO1Mza2kgT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d2076dd0e8d75df9ddfdfebe428373f_JaffaCakes118

Files

4d2076dd0e8d75df9ddfdfebe428373f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ