61181fbb233bbf37780ab06871558358_JaffaCakes118 | Triage

Sharing

General

Target

61181fbb233bbf37780ab06871558358_JaffaCakes118
Size

802KB
MD5

61181fbb233bbf37780ab06871558358
SHA1

92f721f7e4c609a0b27ea0e11eca9babdb4d47d7
SHA256

bd76837e998bae41fec9cbb1f993d6d50119969a665a1a5d3f444fb9f418d97f
SHA512

f0193e782d296c8194c893cab72b78a622eeb226b276b2548cbd86747fab0838b07dca56c9525902fbfbf89372c1cea3c4309d6957010f63a496b611a483f424
SSDEEP

12288:kKSNTJLHf6dxOJYjGCXOWHvyJ2wbAhYU6UqBDcLoL/kJEfPww:HS5ZHyxc2Orb+HqBCK/dww

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61181fbb233bbf37780ab06871558358_JaffaCakes118

Files

61181fbb233bbf37780ab06871558358_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ