d73f9dd6ec1bb0a679087df7493ea69c_JaffaCakes118 | Triage

Sharing

General

Target

d73f9dd6ec1bb0a679087df7493ea69c_JaffaCakes118
Size

438KB
MD5

d73f9dd6ec1bb0a679087df7493ea69c
SHA1

b26c9947ab797c528f551276b85f575b83eb1d57
SHA256

dfb5c61336d7748c015be95d665d0f98a71e5870b999b90566d7dd958dfc31d7
SHA512

5ab2e1ef90ff5e2f320f4a5b4f925ac9c6405a0ecd488cc02ef93eda810459902d6174585bf35ff21b03a62a6b00b5f8f1f9b92db12000890b2e4440071e9108
SSDEEP

6144:uIflFQhCZ5F6SsNjSuBmK/9smYvpS1gnWwhnLMYfKxuRSBW9dUWAvGSIZHX7AyJo:uqFQhCXF6F/AnLnSzLcftX7FJwnX/P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d73f9dd6ec1bb0a679087df7493ea69c_JaffaCakes118

Files

d73f9dd6ec1bb0a679087df7493ea69c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ