bb36f6cffc5d1705a5ae66976f6ac93f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb36f6cffc5d1705a5ae66976f6ac93f_JaffaCakes118
Size

646KB
MD5

bb36f6cffc5d1705a5ae66976f6ac93f
SHA1

3c6d2790304ce6d9b58f9220ee2160dd79cbc2f0
SHA256

3249992dc332a3020343368ed50b035387d4892f663b597b2f248287a59969aa
SHA512

7d1f915fe9abd08d1ce538733675adbedeb259183eb4c8a5f8d14b82106848792042503e6d04848d4fec3f9839db07869b75120750d09571136ed35c765d617a
SSDEEP

12288:whE5WSKa/rY8n0ofYMziZokEDfXKto4wLE7BpSGBzLGZmNP:Hv0/ekEDaScS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb36f6cffc5d1705a5ae66976f6ac93f_JaffaCakes118

Files

bb36f6cffc5d1705a5ae66976f6ac93f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 453B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ