c2605bd7bb903f0d8b8386c7232ff210_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2605bd7bb903f0d8b8386c7232ff210_JaffaCakes118
Size

794KB
MD5

c2605bd7bb903f0d8b8386c7232ff210
SHA1

3c8fcb63b9398d846a94122a5c84abccb76b1ff5
SHA256

98e0bc9a619fec86378dd227cca266f2ff973a239ed4f35a0ff323af4fbbee09
SHA512

ba666ac816ea8011597e2d31e291feb2465b56bc132f23af8727540eff179b94f84dd7a93c8d368b1a09e18a5889c0eeda73fccd99109a66c2a183bfa9840bdc
SSDEEP

12288:Stv0EYFWSCJZu51oBcvZHR1LL+Z6biLUWJy1BWcQxHCqmoRIhr5e6oe1cU:mMEvSwsZBR5+UiLTiEkoRI66aU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2605bd7bb903f0d8b8386c7232ff210_JaffaCakes118

Files

c2605bd7bb903f0d8b8386c7232ff210_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 571KB - Virtual size: 571KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ