c8c146d79d44b407c5b39abc0d575972_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8c146d79d44b407c5b39abc0d575972_JaffaCakes118
Size

228KB
MD5

c8c146d79d44b407c5b39abc0d575972
SHA1

80bf82a26b8b2c229c1e6245edc0152fdad2b5ab
SHA256

b897f60818b578e6ff62ad1a4380e2a011420ff54dd7ab34f201228a4556499f
SHA512

cd6f3f4081df106b7f71fe82e20f4db30fb5444cef3e49bbdaf4189c39825e092c55ee57985ad1ea211cea4a806ac0183ea8234bb262cf6bee318044ab65d2d4
SSDEEP

3072:hptBpGeA7h/AVDIbWtPTXafpg1qWrMonIlNoxvyRZ7KFgImZFj9gCACuG7s2jJhn:hptTGeYmGbkrXafK1+ooN3KFgvZgC/s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8c146d79d44b407c5b39abc0d575972_JaffaCakes118

Files

c8c146d79d44b407c5b39abc0d575972_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetVersion
DllRegisterServer
DllUnregisterServer
DllVersion
WinLogoff
WinLogon
WinShutdown

Sections

EPa
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EPb
Size: 219KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EPd
Size: 838B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE