bc63172b429793bd842108cddc1bf62a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc63172b429793bd842108cddc1bf62a_JaffaCakes118
Size

562KB
MD5

bc63172b429793bd842108cddc1bf62a
SHA1

02f665c8086235cf9acf9877e98a9b599cd4831c
SHA256

d440dcab9cfcd337a4778145131ff36d04b476165a8f5383ee4029fda30185af
SHA512

fd834afcc0271478c60b6c9ce56b19b1dcc6f631d16a346a253cb1439e0e11d8b0f3c27a12374d3f15e5f259858ad8a3eb030e6b55938dc0bba91e71722831b7
SSDEEP

12288:60Et9YDc/Tk4Po4wSSqodPF9C2vTgYn3US43Rb:KtWDcw4o4Ts/9Cknl2R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc63172b429793bd842108cddc1bf62a_JaffaCakes118

Files

bc63172b429793bd842108cddc1bf62a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 485KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ