9767c2c96673006f5edcaa7afdcf67f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9767c2c96673006f5edcaa7afdcf67f7_JaffaCakes118
Size

610KB
MD5

9767c2c96673006f5edcaa7afdcf67f7
SHA1

20d0b8d0d3e4d6b9bbb3a2a6ce81b2f0e4e889c8
SHA256

17966afbc78fafc62a71c3b62a31d6ad6a4358b8a3fa88e553a783e93df0f9b3
SHA512

b766b4520857f0936d50f12cace9a267f99ddc6b2e5156634aa3f767f6c64750793ce1139f4d96fef0cb17ebc156c7c8ce68198d0f1a8733fd588877d49fbc41
SSDEEP

12288:RyA1ZdqVfv/6HftOIA3+00wstpSdCi3TLdLOGPgYifVBwLHeIBv7pj:R1fqZCHwIr00taCiHpmfQeIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9767c2c96673006f5edcaa7afdcf67f7_JaffaCakes118

Files

9767c2c96673006f5edcaa7afdcf67f7_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 484KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ