a9114d527830f94f33a5f3071c06de5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9114d527830f94f33a5f3071c06de5f_JaffaCakes118
Size

608KB
MD5

a9114d527830f94f33a5f3071c06de5f
SHA1

4dc847c051e6c3910aadb5bb39e2ffefe1da04f9
SHA256

2edc1bc9ef842df91e46e7e3d61bea3442800bfd75aa642c6a4989d064809c82
SHA512

5cb11112893caecfcd1b51346cd449d35e52dd6d37a3363c5d162ff6166441562b6283811191c9958be4a0e2d05ca6347715e9f389fed00fba1159c7316bd6ea
SSDEEP

12288:ApIt9HX65cspWkY5DARyLuaIg3Qao6rdnsrS0B/:AetFXsoB7LGnao6rqS0B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9114d527830f94f33a5f3071c06de5f_JaffaCakes118

Files

a9114d527830f94f33a5f3071c06de5f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 511KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ