6ef6722ca9f0b91685b3b4868566e4ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ef6722ca9f0b91685b3b4868566e4ac_JaffaCakes118
Size

674KB
MD5

6ef6722ca9f0b91685b3b4868566e4ac
SHA1

30dc68a2da174c060e1b71305344afa596cbe3d4
SHA256

d5d979edbbb6b1419b766e7cc836bdbbd9a33200839e7995e9f8201bfa121040
SHA512

ad9761ceac562435eaab192a6707bd9a8000cd87832baab74e7d9fcb6f7524b466dc1eda90c9af4a7963b1bd3bd366ee0a00dec1e322688aa11ab3d3c4f5a27f
SSDEEP

12288:SwO0UFmRHRdZ8VyQ+ONEbTB39tCN24Wl9/XTQwZaw/iu+Cgb2tePm:ST0CmtvOEQ3IE24Q/XTQwZ7iuZgbA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ef6722ca9f0b91685b3b4868566e4ac_JaffaCakes118

Files

6ef6722ca9f0b91685b3b4868566e4ac_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 508KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ