aeb6f320c5f4a69d803eca3288ff6c7e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aeb6f320c5f4a69d803eca3288ff6c7e_JaffaCakes118
Size

596KB
MD5

aeb6f320c5f4a69d803eca3288ff6c7e
SHA1

897ca98067ac835fc04445ec6717907d390a20b3
SHA256

58dc32f2edd5b9b41b2ac8086184bd2092e1f685d4fd3aa103bc399099db5471
SHA512

dcc90f58c1771554917957d5a1034d745d8c4947a232c6d2bfe76155f5b75ac7ae93172da9cf2ac3a58f2e6dd4b5815ddb15f19a298012a130d2137d69dcd1ca
SSDEEP

12288:TsukklWIbKdQRJbQlbqWya5cs3NQqGsv17WjvK8k6lL:TvkSWh+OlPya59QqGs7svbk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aeb6f320c5f4a69d803eca3288ff6c7e_JaffaCakes118

Files

aeb6f320c5f4a69d803eca3288ff6c7e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 509KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ