c78eb5eef56bf623fd0b0cf080ce72e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c78eb5eef56bf623fd0b0cf080ce72e2_JaffaCakes118
Size

416KB
MD5

c78eb5eef56bf623fd0b0cf080ce72e2
SHA1

d7988f0a37e3c26c90cd5e4c0cb281e29ecee0ac
SHA256

7ba29df327342fb467a9ac32e25a91bd8326a428472d0c3221e82bbdc9b002cc
SHA512

264879b4d518e4a7b0e46adefd30255f58bc29b81ba11178c1c120f2823fa2c3f883a618fd0e0f4876a74e7c725992b4f267488dec059ed0d392a0cc058533ff
SSDEEP

6144:BwkJOXsXefFwP46QvloYwH+Zlo4e8mJQTBJt8MzLj7/i:Bwk4X+eLloYwH+Z6nJQTr/Ln/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c78eb5eef56bf623fd0b0cf080ce72e2_JaffaCakes118

Files

c78eb5eef56bf623fd0b0cf080ce72e2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ