7269c72443562988763db1efd3fd249e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7269c72443562988763db1efd3fd249e_JaffaCakes118
Size

147KB
MD5

7269c72443562988763db1efd3fd249e
SHA1

c33123ad69cfd2d84d5d0a6931822f98a8371edd
SHA256

91dfe89b9c0d86d3ddd5bc1147a0e0be22e0d5cbe72ecbdb623f04ebf1af8f35
SHA512

510126fd140e7ed0ce153a98b4d6dd91421e3da72caaf739d4d25c5f74c04f21b39c1ba88fa6d06186d281f5b0fb7963bc5232471ef8d5f54191afd787336735
SSDEEP

3072:vIDjPbBml9o6i3IKInht4zzwjqX3TsEc4LLrg6HXbnsAoOY/vQrcXx9Zx:ADD5H3gnL4/TrVrnsAM/vQY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7269c72443562988763db1efd3fd249e_JaffaCakes118

Files

7269c72443562988763db1efd3fd249e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ