5e68027e8dc00a997368885f21234679_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e68027e8dc00a997368885f21234679_JaffaCakes118
Size

213KB
MD5

5e68027e8dc00a997368885f21234679
SHA1

7ce56fc681b7df069d95967f8c85d863577f78da
SHA256

83ac489047ee855537b973d46128abc16ee68340d00d6c422496ccf50bb59e92
SHA512

1d9c60645b0b5fcd0e5099623a4a37f0ed08e3a898be6af0a82a247fbae3d9e511bdad24d998d2272580b6b76d90ce0fb289fc5d74d4fd43ed0fede74cb6b874
SSDEEP

6144:t049gk3049gk3049gk3049gk3049gk3049gk3049gk:t3Z3Z3Z3Z3Z3Z3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e68027e8dc00a997368885f21234679_JaffaCakes118

Files

5e68027e8dc00a997368885f21234679_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gfdhtr

Sections

CODE
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ