6481e13d609c76b6cbb25d7a3fb1ddd4_JaffaCakes118 | Triage

Sharing

General

Target

6481e13d609c76b6cbb25d7a3fb1ddd4_JaffaCakes118
Size

63KB
MD5

6481e13d609c76b6cbb25d7a3fb1ddd4
SHA1

c1fe720c93534f4cf6c3b40f681c467de093cd08
SHA256

c38b8fcadc0890ce3c69d6b37aae27a6292c3fb83fd26b70d8574130d9911977
SHA512

3d0e4f08b67e16eedd56ac0d941b73f283ee83ef3ae209573a8bac5f906ad21bab33613b5f5f0d1ec3c9571d6f2a3677296b800f378c3c2b851bbcdac71dd7ce
SSDEEP

768:PeP9hnWC677XAXgsK9WwaueP9hnWC677XAXgsK9Wwa:PkfkQXgj/kfkQXgj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6481e13d609c76b6cbb25d7a3fb1ddd4_JaffaCakes118

Files

6481e13d609c76b6cbb25d7a3fb1ddd4_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KJHJKFDSA

Sections

CODE
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ