94d87d77fa3fa7331dbf4a7c2440d896_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94d87d77fa3fa7331dbf4a7c2440d896_JaffaCakes118
Size

33KB
MD5

94d87d77fa3fa7331dbf4a7c2440d896
SHA1

8c54da0d921b73c56c87599c3dd51ed7a660f594
SHA256

aa04bfd8b55155c6e81b29ef1b39b2d6aeb53c8205aa89059b17a43a13289284
SHA512

822c1215f3405fe6b57f88584c3648d98e05d4ed770ff00b3cc4779af2d29a17b42f762f8cb669f657aa0ceed28fa1f1035fdce652855b3df468a503ab0c3a68
SSDEEP

384:Nd+k6d9hJuMXFHs1yK8F4reLOOVmrgJeQShzbV8mJ4c8fIH8vB+kKKk:3+v9h5Z46yc4KN6hJ4jfw84b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94d87d77fa3fa7331dbf4a7c2440d896_JaffaCakes118

Files

94d87d77fa3fa7331dbf4a7c2440d896_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
sdfrrg

Sections

CODE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ