70d2eb49b41e2c6672997b6e7972b29e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70d2eb49b41e2c6672997b6e7972b29e_JaffaCakes118
Size

162KB
MD5

70d2eb49b41e2c6672997b6e7972b29e
SHA1

b500e70e3ea0de8d3be044ee915ca9d5897a94d9
SHA256

de9b2a17c89042d3bc87c62927feadd839b5e262e587fc66716f9578f2a6a092
SHA512

a3d6c033c6c09e79cfef3af4c65ca0968ae764db1a5a4ac46c95e14d467f6fcc8ae45ca138ebefabc13d697a4f152dd7eb28af74e771524eaf702facc674c6f0
SSDEEP

3072:TsPiyQuUhRB5uTT9qDANOTo4uICXWdnQHhTBfd98bpW7YBf:QPiyQNRB84LROhTBl6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70d2eb49b41e2c6672997b6e7972b29e_JaffaCakes118

Files

70d2eb49b41e2c6672997b6e7972b29e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllRegisterServer
ServiceMain

Sections

CODE
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ