bcbc3bf0252d950fe4425af40da13d07_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcbc3bf0252d950fe4425af40da13d07_JaffaCakes118
Size

903KB
MD5

bcbc3bf0252d950fe4425af40da13d07
SHA1

6c05685d66e3f31a9256dc4373f508a4e89c2f5c
SHA256

483d54e9f4bd3cc3cdfaca8538cc2c886de8b514d5504cc7da14e8efd6bf7967
SHA512

574d881021d730a12c28fbd5e6e6087d32a54823d0a98f8843a0d4ab7ff1caf9509a686b510237690e107ca5584c28654a08a8468141b25b9b461f2588acf1d4
SSDEEP

24576:A8JzIwTkg00xChqL8Uoqk/LebrQb/azAsV:A8CgF7YUoq7woD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcbc3bf0252d950fe4425af40da13d07_JaffaCakes118

Files

bcbc3bf0252d950fe4425af40da13d07_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 524KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ