bbe9da1c56cb5a10cc5c387122e0bd26_JaffaCakes118 | Triage

Sharing

General

Target

bbe9da1c56cb5a10cc5c387122e0bd26_JaffaCakes118
Size

564KB
MD5

bbe9da1c56cb5a10cc5c387122e0bd26
SHA1

07a97aad14bd8c80cd4defe73994a4120003c086
SHA256

cb69b8f4f0bc59dacc238890a39f4c3a02dd589c834c045fa08156cd088b2332
SHA512

93ee75d0ba83790e2d721d57b039f38eec2933d2fbe1c749f153c19a963bf1d36b1300115b802d360a31faa42d9e58a259fe8a51be812e036a3f98ff732b73f5
SSDEEP

12288:G0Et9YDc/Tk4Po4wSSqodPF9C2vTgYkcqzb84F:WtWDcw4o4Ts/9Ckk44

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbe9da1c56cb5a10cc5c387122e0bd26_JaffaCakes118

Files

bbe9da1c56cb5a10cc5c387122e0bd26_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 486KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ