8279811c1c4b79f1db0eb5d3231c3a31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8279811c1c4b79f1db0eb5d3231c3a31_JaffaCakes118
Size

31KB
MD5

8279811c1c4b79f1db0eb5d3231c3a31
SHA1

ef8b3fca09a2fe5184fa35a31cb535ddc176ade4
SHA256

1e1ee7b8f6c87c68479cab199510f7ea5aefe4ac21d347ed20bb3602b32c4b8a
SHA512

20694a89110ac01649b8470b40567167060653226d375ed681683f2c4d3ca18627218cd72cdceb6436b428e55aa038e88bb36a569db508b316878fffd97a82d8
SSDEEP

384:QNNe06t9hcy7+dbxsFU6vYykXMYB2CUj5Q6xrIYLPwUceXsDT9on8TIHmJ:oeP9hYJUCM5Q6xII8XO8Tw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8279811c1c4b79f1db0eb5d3231c3a31_JaffaCakes118

Files

8279811c1c4b79f1db0eb5d3231c3a31_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KJHJKFDSA

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ