947cff6d44cc585b5d537a19d29a756d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

947cff6d44cc585b5d537a19d29a756d_JaffaCakes118
Size

124KB
MD5

947cff6d44cc585b5d537a19d29a756d
SHA1

8394f4e0985ec5717494b035756ffff6e07761ba
SHA256

5d0f23d92d6c67aaea7c42974ddba45f3dc6ae91b3c7dc5bdc206b0fa0412b36
SHA512

765ba9fd10fc810cee40bcf0254872839295c27e07e9fe303fd9f56165cd4cc51e856c3ca765060e223f796f642e9ce66055b7aaeae8bb5f66a527b668b1ec52
SSDEEP

1536:jZVvccmB6yYHWzLcsqYBvAn+WA/OKapuc5WcrbfKKk3mbxzLYXB:jgtB6NWzLLD3RW1Mq9rDE3mJ8XB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
947cff6d44cc585b5d537a19d29a756d_JaffaCakes118

Files

947cff6d44cc585b5d537a19d29a756d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 663B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 570B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ