b18f37f753677308dfdb018b3432da8d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b18f37f753677308dfdb018b3432da8d_JaffaCakes118
Size

130KB
MD5

b18f37f753677308dfdb018b3432da8d
SHA1

06777a2de6456b6513118e04f0a4c59fdcacea3a
SHA256

f545a36d4f639ab0b4139546040a08ddb9a70c7b49f355085c40082e89d88998
SHA512

d7332000235a168524e9315bdd6de3b3bcf0ff8ea9b34b67b5bc6f81248f17a527025fd4262648cc2fa3e36d87ca4029baeafcde3806f5e61d0edc0b39545b34
SSDEEP

1536:ZvBk41psBofpN+k114Plf9IsAVpi8rvp9+ELLStyTN7tPLMVqR5YgvaBtc:Z5b1psB8pN6lWs6vz+EP/ZTMVqMgvao

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b18f37f753677308dfdb018b3432da8d_JaffaCakes118

Files

b18f37f753677308dfdb018b3432da8d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EnableRunDLL32

Sections

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ