5f083cc70d3e834815fa0e9923cf8796_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f083cc70d3e834815fa0e9923cf8796_JaffaCakes118
Size

31KB
MD5

5f083cc70d3e834815fa0e9923cf8796
SHA1

89ea4e5a71fb58e91b7ad1ca67a92e6849652064
SHA256

7f322cf4f46180b7509320d7bb240376893ce521a80e0eb42f36a3d1fc5a40ff
SHA512

a02ed479cf6caba2aa17e311d54200d4388cd55d181330b7d5ea6fd70926725cdabd20c064dfb46388276fe2ab3f88638c2d6f2f044e8a2d96a64100889e3034
SSDEEP

384:eNNe06t9hcyL6rnY5vgiT1Gk/OsCa9aEEUB2m+CY2mjGhkBN/FCN8lWH/lQas:6eP9hGsgWGsEUBBYJFrl2tR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f083cc70d3e834815fa0e9923cf8796_JaffaCakes118

Files

5f083cc70d3e834815fa0e9923cf8796_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
kJHJKFDSA

Sections

CODE
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ