af5c4e073c06b6d77d77b4e0a1bb65a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af5c4e073c06b6d77d77b4e0a1bb65a4_JaffaCakes118
Size

600KB
MD5

af5c4e073c06b6d77d77b4e0a1bb65a4
SHA1

2f16cda1a51d672b16a9fde49ceb507a820cb48f
SHA256

373a4ef571f42acb4ee65d436ff2aad698559d5e1f1082213f88c98d43216737
SHA512

096d2a7091bbaa6c6a708d9da7a5c6788b0984f6844635ad5d5c59aa12cf60377baff1e44133b9c96ed06990826ee5cf2409e450c68bb59ec755577e5d98d912
SSDEEP

12288:1YWUhE5kEZKW4Wpq3bZouEDfXKtoK64Tn7Bl:KaqLeuEDaST43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af5c4e073c06b6d77d77b4e0a1bb65a4_JaffaCakes118

Files

af5c4e073c06b6d77d77b4e0a1bb65a4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 437B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ