96ec432d913df952440b4d79fa9bd774_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96ec432d913df952440b4d79fa9bd774_JaffaCakes118
Size

111KB
MD5

96ec432d913df952440b4d79fa9bd774
SHA1

852cfe574154ffc7ab80f53a89ba75a2e81ff067
SHA256

273749c560401d223321bb0b895ce66534e762fb9346cba81af468969bfcadec
SHA512

2715ac5180ca18811d7aa4183e66bddc84768f7948ffe17c6b60a13d9c85fe44186d449b545beb1528055c8a50938256b3050ce0f5de4a4783bac589b2a75519
SSDEEP

3072:LLEfy7U0GjxlAJa9vUPLcUk47zncjju1TY/:LLEfv0GtlAcpU97rcjC1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96ec432d913df952440b4d79fa9bd774_JaffaCakes118

Files

96ec432d913df952440b4d79fa9bd774_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Monadgb
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ