cf86976e54d3bb84d8bdc38ab74ce7a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf86976e54d3bb84d8bdc38ab74ce7a6_JaffaCakes118
Size

111KB
MD5

cf86976e54d3bb84d8bdc38ab74ce7a6
SHA1

c3f550e49d45d9c4c1957bd923ff0d34261c9840
SHA256

cdfc281343769e22ea749f0803ea70a06f772da5c7054c08d7f61d1370edea7c
SHA512

b11457369d2b36e8bdf6dee719556f147071e29cdec5e0d69b6cb7adadbef8f88953a20c9ebf77791bf5c3ab6a287def72d86855da636bef21563f664aa261ac
SSDEEP

3072:TLEfy7U0Gjx++wa/k1LU8mOqL/lX6yB3QZX0Y/:TLEfv0Gt+O/ktUHL9F36r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf86976e54d3bb84d8bdc38ab74ce7a6_JaffaCakes118

Files

cf86976e54d3bb84d8bdc38ab74ce7a6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Polgpol
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ