71e0ac102d1ce8e4642a8e2f2b9db649_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71e0ac102d1ce8e4642a8e2f2b9db649_JaffaCakes118
Size

585KB
MD5

71e0ac102d1ce8e4642a8e2f2b9db649
SHA1

dca713cd0c65a3b1f859d1e7cf4f3c14738d01df
SHA256

786ad08403b092ae04b393dc6396bf7959bd8bbc7bde5f6234fd1e92f80a1b83
SHA512

d73bbd9a45196c9147e323297c42637d034735aed1fd530c52a46985b204493e2539aa793544d423fe9d4d3ba83546310f29a72c2c764e006b6c9c50ae5456db
SSDEEP

12288:GMvpjL/Wl/nVgTxqOY5cWKoNXCDsxzm64SLbPFrEO20ru:PxnWl/ni7VoEgx5b90o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71e0ac102d1ce8e4642a8e2f2b9db649_JaffaCakes118

Files

71e0ac102d1ce8e4642a8e2f2b9db649_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ