a091dbc33075e34eb188d9f3dbfe07e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a091dbc33075e34eb188d9f3dbfe07e6_JaffaCakes118
Size

596KB
MD5

a091dbc33075e34eb188d9f3dbfe07e6
SHA1

d430349ae96ac6bfc9cf2cf66f310f45c75c7566
SHA256

2f8f43f565ffc3f105d5bcb51ed1e89c711fe4a49d280d91c6c54683b526874a
SHA512

c52a8e83923df9d4cc348b5a11fdcff3f182d2fbf2754bcd9bfedae9e3edd40477d8391589a5b891f382541537f378b467bba0306c4a74c438a7363944ee64ea
SSDEEP

12288:rsukklWIbKdQRJbQlbqWya5cs3NQqGov1x9uek6lh:rvkSWh+OlPya59QqGwzdk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a091dbc33075e34eb188d9f3dbfe07e6_JaffaCakes118

Files

a091dbc33075e34eb188d9f3dbfe07e6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ