ce72a562d91dc81983c1d49f759557f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce72a562d91dc81983c1d49f759557f4_JaffaCakes118
Size

950KB
MD5

ce72a562d91dc81983c1d49f759557f4
SHA1

c858dc7096b85cfe3e72bc7bb53ed7be0fa041cd
SHA256

c241f3d371a9f89fe7d672fc1e6bdf76187012e39acdc8918fb0baaa799ff3f6
SHA512

1acd5d4bc7510d94b74f00d7963659828d49b0145f9fb7189b2cb53b88bf4b30d208fd6441a099721684af5f90fd49aac79b98ca2f62b36372fc08aff5bd2072
SSDEEP

12288:sNh80OWLSBoo83xjLSj9Lva/YI7eKvY63u9VFyC6+Cqx+FGggIg:sDbYBooN9i/YIr7+oC6+Cqx+FG7I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce72a562d91dc81983c1d49f759557f4_JaffaCakes118

Files

ce72a562d91dc81983c1d49f759557f4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ