72a702aa7f2dc33b0e2ef84e831052b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72a702aa7f2dc33b0e2ef84e831052b5_JaffaCakes118
Size

109KB
MD5

72a702aa7f2dc33b0e2ef84e831052b5
SHA1

444fbf467c6a4ce87cf9c2d743686c4c307b773d
SHA256

4cf5e3d4bf174072beb2f46e1a7cddcbbacd9a8d5c88f1c9cff4bed67d932e3d
SHA512

4f1e74ac61eee56a723f4b1d4812ad9961e3ba1ca8c005d62a356f63399199f0f5a39e246cec1db35d5d87806ae3aba0bd12451089c3d8452941b8e168a1d038
SSDEEP

3072:iYRTAveyfdQWlutRvDizdTb+09/I3HG5o9a2:XMGc6ptIzd9/ba9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72a702aa7f2dc33b0e2ef84e831052b5_JaffaCakes118

Files

72a702aa7f2dc33b0e2ef84e831052b5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ