d0e700c6e4da230f7e0f2a17f72b533b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0e700c6e4da230f7e0f2a17f72b533b_JaffaCakes118
Size

28KB
MD5

d0e700c6e4da230f7e0f2a17f72b533b
SHA1

764fe85238390bf6a4fe1d4f81850fc83598c540
SHA256

612c0ad444a57e03b863a8e80b748d5c0960c6c5e3612e06109d1622843755b0
SHA512

803fb82fb17f9e9c51e9583f009181102f4f8ca018aac0f2205bcf853d96d9cf8526e2f43c7844be3771628ae63ef3540eca0b6dd2cea12cb2677d7ba6b3eb56
SSDEEP

384:4AHxUSEqujwdKnGQmrjtlpKQf864OHBbVh6+O2DL5p6T8qmaiqZ2f7AzGAM8zz:JKSEquMd0GQ83E6/bVNV9q0EGg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0e700c6e4da230f7e0f2a17f72b533b_JaffaCakes118

Files

d0e700c6e4da230f7e0f2a17f72b533b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ