78b6ada17cccc151443a8c902c479e06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78b6ada17cccc151443a8c902c479e06_JaffaCakes118
Size

220KB
MD5

78b6ada17cccc151443a8c902c479e06
SHA1

15b8b2690e713b522c2894028029380bec02566c
SHA256

36e1c30200b1cd1d40cea7bce60c3cb4e413e68839e9ce1d6929987bcba73fd5
SHA512

b20e272786bfe5bbba2b877044afda970c834f7c0c65c67a99ad579c021d20719208f643cf5bcef14a81bb03a77e9ee3c4a0f3755c328e972adf60e4e72bf6a5
SSDEEP

3072:w7Ej7M7Ej7M7Ej7M7Ej7M7Ej7M7Ej7M7Ej7:w7Ejw7Ejw7Ejw7Ejw7Ejw7Ejw7Ej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78b6ada17cccc151443a8c902c479e06_JaffaCakes118

Files

78b6ada17cccc151443a8c902c479e06_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gfdhtr

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ