a636e2b9009351463c733e13cd0b0cc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a636e2b9009351463c733e13cd0b0cc0_JaffaCakes118
Size

618KB
MD5

a636e2b9009351463c733e13cd0b0cc0
SHA1

ea4e905c46daf00be6c45026be80a4c9d981556f
SHA256

b89b8761115bb176dc2d6314e5d43a82c3a84b1a5ba3c88089369cb2c063ed6f
SHA512

9daeb62221b25db66c0934918977907b63597fa21c5186dbed1d98d492dc7264bee7af20039d7eb78e00d9913c4f23d7fed1369928a97b051dcadb500605bb6d
SSDEEP

12288:b0pOw5Uz2eWIVnmXHqj4HypFejUz/qRRg8LgSbxsy2Kr:YICeWIdAqj4HeF7iq8Fb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a636e2b9009351463c733e13cd0b0cc0_JaffaCakes118

Files

a636e2b9009351463c733e13cd0b0cc0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ