cfd376f5daacff1c1bd07a1b8c340383_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfd376f5daacff1c1bd07a1b8c340383_JaffaCakes118
Size

147KB
MD5

cfd376f5daacff1c1bd07a1b8c340383
SHA1

80aa4f0b685d5ef58971a01e9cdf4fe8eeb1b36c
SHA256

9d2c37baaaa1d683b5b0ba32b22340a507e2d89bade6e21e970d0d01207ee9e4
SHA512

1cb09ee6d7282547cf48f3a6b31fd9e71569afc84c2f1f1da087a8b1b069a875b9156920ba1d53a9a02db79311d61cb17e99422bbc38e444b7d9e7c3ba5f59b6
SSDEEP

1536:Y3q2O5STfHEJzpc+damBxza/rvUNiqaO8JwxEqsCAwH3zUOdO:Y3fDHEJ6mBxza/7WiFO8JmEyAwH3zUE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfd376f5daacff1c1bd07a1b8c340383_JaffaCakes118

Files

cfd376f5daacff1c1bd07a1b8c340383_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JSOff
JSOn

Sections

kbugea
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ml
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ri
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE