a033defa25f2f4e0abf1326f688693dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a033defa25f2f4e0abf1326f688693dd_JaffaCakes118
Size

554KB
MD5

a033defa25f2f4e0abf1326f688693dd
SHA1

6af7e00b036ae13b5e3ce28f19960869f33969af
SHA256

ddfe0961993b309bf3e6abfd19747d4317aab9b80ad2bb6f842d10d245a6795a
SHA512

c817862e00e935ee5a4659ce7f20b43b988207c4eebf963ca23393ca49b60aa4eb71b7f3705b8996246c606ecbae2980c73f6dfa226a0acf2a630c379002164b
SSDEEP

6144:nJMjmuFoH2UgQaSRQU32m+4Z/kLZYvCzZJAEck8Xy9g7Ck2xpBBH9elbs20LLNJi:JCnaH2CauQU/+HHvqH2PdhI0YEwpL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a033defa25f2f4e0abf1326f688693dd_JaffaCakes118

Files

a033defa25f2f4e0abf1326f688693dd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ