a290278bf640437ea6a9ae2db1f26d3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a290278bf640437ea6a9ae2db1f26d3f_JaffaCakes118
Size

634KB
MD5

a290278bf640437ea6a9ae2db1f26d3f
SHA1

85d24b8dd5df3fd9140f9eb58990dee62d3ad540
SHA256

ca03ea9a5f013ef749e79b82437f664e8d424d735501c253ae639fa2a1224262
SHA512

a2e8c15389f20ac1b49ea037953284eaf1e9384c90edb22933bfd9e986133ae68208be130334040d3d15d9cef7d93bb0cd7e9f3380d1b4a766c02a74433957cb
SSDEEP

12288:4KhE5qGwJly8Q+82WjgrSeoMB865tSU2tCjD0ZobEDfXKtoovdn7BPsEN5XpvV52:RQZ2trSeoMB865tSU2tCf0ebEDaSov/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a290278bf640437ea6a9ae2db1f26d3f_JaffaCakes118

Files

a290278bf640437ea6a9ae2db1f26d3f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 457B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 197B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ