b3f7a06440157ae8560f1a8a5b6ab80d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3f7a06440157ae8560f1a8a5b6ab80d_JaffaCakes118
Size

565KB
MD5

b3f7a06440157ae8560f1a8a5b6ab80d
SHA1

338e9039c470cb22ca19095dd78b12b5c7524639
SHA256

a66ac0a819f886b3bcaa51f337233d7078fcf7b5bf57685fd1dc275ce3e4c4aa
SHA512

012832976c6154be0f66e74bad4f1e61c1566606b3f0eb90b7641318f2ce4dae23a729c3cb0f304c9cd385e016d8c413158f8c8c6686f3c31d5e63573085f1e8
SSDEEP

12288:yAFp96Ffv/aX/tOo0O00w8NJidSCnTLtb7IZZf0Y0pHVBwu:LFv6piXQob009qSCXp0ZZfdUH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3f7a06440157ae8560f1a8a5b6ab80d_JaffaCakes118

Files

b3f7a06440157ae8560f1a8a5b6ab80d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ