bdd36d8b26112b5500e81a5bbaadb649_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bdd36d8b26112b5500e81a5bbaadb649_JaffaCakes118
Size

574KB
MD5

bdd36d8b26112b5500e81a5bbaadb649
SHA1

1b9fa43fe3d9c79beca0f00ac55b954f1820d288
SHA256

3ad060d9fc332a24882300fa3587d25f20b35eed78690f96de49cbd7e360bf4f
SHA512

4bf8279edae23dfe6718da2270d650f9f09764e021f7e62db1235de85687cc1c292ebf5d354980fb36e17efe137ba601895e761c4fcd3121e0c2bbbd2262de0e
SSDEEP

12288:QiSIF+1lgqnuU8dy2rfCDwFT2YHgBrO1OySJY8:j81YtddbQwLgxcoJY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdd36d8b26112b5500e81a5bbaadb649_JaffaCakes118

Files

bdd36d8b26112b5500e81a5bbaadb649_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 485KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ