ce833e825406e549a31cc69b005e5c31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce833e825406e549a31cc69b005e5c31_JaffaCakes118
Size

217KB
MD5

ce833e825406e549a31cc69b005e5c31
SHA1

f3d3a8f550afd7b010a762c1508a938c1d5363af
SHA256

e58ce9fca3acfc1c29e4de774349b2d1f642a6ee38c39ca8a561956ae042f131
SHA512

e1c548e4d1a02fc5104e1dc4157f51b9dbeaa3ce79d7c735bc97e74e7c1e1842dcad0a31f70ea863c4cca623c2ff449d7ca27e4518be34285a758e204baacd4d
SSDEEP

1536:TkfrWQShxUfUkfrWQShxUfUkfrWQShxUfUkfrWQShxUfUkfrWQShxUfUkfrWQShi:SGxi9Gxi9Gxi9Gxi9Gxi9Gxi9Gxi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce833e825406e549a31cc69b005e5c31_JaffaCakes118

Files

ce833e825406e549a31cc69b005e5c31_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
derdae

Sections

CODE
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ