70a6eb3f8be6eda9e65cbfd44fc1858f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70a6eb3f8be6eda9e65cbfd44fc1858f_JaffaCakes118
Size

12KB
MD5

70a6eb3f8be6eda9e65cbfd44fc1858f
SHA1

1bab53b325b17c96f2ee4033740a3148a54a187d
SHA256

9355d12f5b422db09b2d84ea456970b5b785d1202dbef149e21ad3a77a073920
SHA512

11cd764c16e5681278c1fe5210bb905dc0bef6902707a6a1baac19f0437fb4bd6db581b1d79b8e41ba0a83c3d41250719a9f3c3bd3efcd5ed8f53a1f44abd2dc
SSDEEP

192:nE/TbL5ble8zdbEwPxK/F3blsyid2ITsPgoOYKHBgchmFW9QA3GMkMXPn19A4s3l:E/ve8zdTyBsyqAIZhgUAMkMX/19sWCt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70a6eb3f8be6eda9e65cbfd44fc1858f_JaffaCakes118

Files

70a6eb3f8be6eda9e65cbfd44fc1858f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 461KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE