ab132b5356c0f8f2502d90d0c15bf0b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab132b5356c0f8f2502d90d0c15bf0b1_JaffaCakes118
Size

227KB
MD5

ab132b5356c0f8f2502d90d0c15bf0b1
SHA1

6ce657c9757a592bbd5bb62124f57fd3bac80f5f
SHA256

d2480cfb763ce8ebb01a47a38f06d2d481fdc3c51ba51ada7a11630204d4bc3e
SHA512

294ea6b9de626ac1b1a817c9dd0e62c6394de96caedfddec2d250cda398a5981a71aa5a0849365be530830981c1136ce40810a3348e51fe8b6044d0d6db9db10
SSDEEP

3072:qpmFn+4vM6gSeaK3+rLGEvtHoG9rgvKTV7k8lV6guTux6+cJLcrq7O0djJVjgol0:q+XMypK4GStHoG91Xix7Na05blEMPnan

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab132b5356c0f8f2502d90d0c15bf0b1_JaffaCakes118

Files

ab132b5356c0f8f2502d90d0c15bf0b1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetVersion
DllRegisterServer
DllUnregisterServer
DllVersion
WinLogoff
WinLogon
WinShutdown

Sections

EPa
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EPb
Size: 219KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EPd
Size: 152B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE