b4ce56e5d6020c8f25032f37a7ac1163_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4ce56e5d6020c8f25032f37a7ac1163_JaffaCakes118
Size

408KB
MD5

b4ce56e5d6020c8f25032f37a7ac1163
SHA1

dc4f84b82a9879abd91d2c69ae5af70100fb8513
SHA256

06b59ebf4371087e2002134624ae1d4798aafa420279efd2f78d3c5563e2d3f2
SHA512

39ad5570718e5a2b75c9e2ec166b064b2d3ce408ffdc68ea044c9277945d03833d8ef9851445a2f15d682c518e69847fc1f3a4202b1420776c194ac4c09603bc
SSDEEP

6144:431t7oWQRq6sVv5d0avPR7M7/BQpAy+FrykX2RZp80vzDg1khwxXu072p1xiMcmi:c7oWQw6sp5d0aPB2/27pd04g+07W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4ce56e5d6020c8f25032f37a7ac1163_JaffaCakes118

Files

b4ce56e5d6020c8f25032f37a7ac1163_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ