c2601bb2591e59dc5cad9de4f0134ccb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2601bb2591e59dc5cad9de4f0134ccb_JaffaCakes118
Size

603KB
MD5

c2601bb2591e59dc5cad9de4f0134ccb
SHA1

dd1930edb99ba4a7c942a35a74a11c6c1007bb19
SHA256

9c4606952fa58f1415bca21c57009a391a849ec8c5d672ecd039f53a1100f2ec
SHA512

6e0ef1150e2d7d8138b1778a6d3834c62f9388cad896531e8be0fcb0af3cda4624d71b4132101d5d7fa66c683c32f5349b485e4d3507c66ba70e42cdcd1a9200
SSDEEP

12288:975fcTm9nWnnMT3DFYspOvlW8rMZcJB00unTk5vjOFzhx8o:9tkTDspOdkZs0NnTk5vjOF9D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2601bb2591e59dc5cad9de4f0134ccb_JaffaCakes118

Files

c2601bb2591e59dc5cad9de4f0134ccb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
HookProc
HookProcEx
RemoveHook
RunTray
SetHook
SetHookEx

Sections

CODE
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ