bedd2fabc716069b3056c1973f699438_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bedd2fabc716069b3056c1973f699438_JaffaCakes118
Size

565KB
MD5

bedd2fabc716069b3056c1973f699438
SHA1

e321215e1fa8c36e24aae9c9eb28caecd8d7c8fc
SHA256

367f74ccd1a0ca4e3675dd9202f981eec8c9f3055a07b97c2736f7a9981bbd00
SHA512

751bc50aac3611e0d8c415590639bd40b89a4230278a81ba58213aaf733def340d9a8ac9911c38e1e860c261d451c9bfd9aa2a7e1a1e892617382a8371610c63
SSDEEP

12288:GAFp96Ffv/aX/tOo0O00w8NJidSCnTLtb7fZZKYp6VBw1:vFv6piXQob009qSCXpDZZv6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bedd2fabc716069b3056c1973f699438_JaffaCakes118

Files

bedd2fabc716069b3056c1973f699438_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ