9470221792b3add0e483cf12dbd4af71_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9470221792b3add0e483cf12dbd4af71_JaffaCakes118
Size

561KB
MD5

9470221792b3add0e483cf12dbd4af71
SHA1

7928088074ef54cbc1cf234e8c5f1a9d6aa60dc1
SHA256

d85fb86b7054262c71ad87e73e6b312e8dc428a33216fd4cf33547144fe3eea0
SHA512

cfd9e4fe15659ac67f0257cd437b37eb9cf5d1bc0e95c94ff9ec6134daf85c8d06c9ad819036213f83d8d4ab7680bc7266fe94b459950032db14337a9d36c67f
SSDEEP

12288:WgUV94y09yxH1az44i2JiU5VVNIUOZH5by2d4hF4X:6VGy0E04wskIZHME4hm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9470221792b3add0e483cf12dbd4af71_JaffaCakes118

Files

9470221792b3add0e483cf12dbd4af71_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 487KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ