5bbd2e5bd81ffb8918716ef8001327f1_JaffaCakes118 | Triage

Sharing

General

Target

5bbd2e5bd81ffb8918716ef8001327f1_JaffaCakes118
Size

551KB
MD5

5bbd2e5bd81ffb8918716ef8001327f1
SHA1

f565a28f7ddf8e721d942e3939e63a35cec3d010
SHA256

2253c63e3554b89d5860448147cb2c6d591d586654e89e0ad0dceb3ad76c17d1
SHA512

6eda2c5024cd0e99e3d3084390bf86b001e98c5ced2257f708583d6724e20f45c97e7db0acc7cb68487c4cf6b6095aa8d92da757790785a0d377df41b8c4f82b
SSDEEP

6144:6Xg4MAR02cvZUpXW7NQOCd1hWp/n0RYvUBZK8CqAEyEpC9Ky7kiYTtoIwVdmldBX:8fM40BiXWxoLhFGNz2CIZoI/lvshT1W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bbd2e5bd81ffb8918716ef8001327f1_JaffaCakes118

Files

5bbd2e5bd81ffb8918716ef8001327f1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
SvchostEntry_W32Time

Sections

CODE
Size: 454KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ