a2b0912d66ea56f5bb6e69669298bb5d_JaffaCakes118 | Triage

Sharing

General

Target

a2b0912d66ea56f5bb6e69669298bb5d_JaffaCakes118
Size

563KB
MD5

a2b0912d66ea56f5bb6e69669298bb5d
SHA1

4738c96d0328584f118f61cf8450783fb1784a1c
SHA256

4247c721bd71c05ae128f81f1f5ef419db207153541d56c5ba6a25ea0f24289d
SHA512

5eaac115acaad7c3b008ca4cb983f4282ebdda914a0cd293fbfb04c79daeb924a4157981c8b395ca8e59448f6903e2db55d5a0cbfbd19e591be4442d392f5a0b
SSDEEP

12288:3Q+mcjfe8PE5L28A0B7QClUUClpnjzpgm9/4OOo3rdPiG:g+djfL62k24UdpvDxzOWr0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2b0912d66ea56f5bb6e69669298bb5d_JaffaCakes118

Files

a2b0912d66ea56f5bb6e69669298bb5d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ