d6c69f2ba2aa2668f622efbf0631145d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6c69f2ba2aa2668f622efbf0631145d_JaffaCakes118
Size

104KB
MD5

d6c69f2ba2aa2668f622efbf0631145d
SHA1

effbc604f6236fbff75f420032631ce026c2c196
SHA256

285af2b9dfe1e4637e1250877d00c8dbdd130362ba5c336a7dcead70cf9e4bb7
SHA512

c23cd68e098641016cac8e2525b62e95d6af43b929e2aaa8e1c9a6035dc9473e8ae4de9a1aa0ec794e9c154eabf963f5638c94fad5c46426a18207f688591cf8
SSDEEP

1536:I55CMiWOlcxHZ5GA5Y4bpeodMMHysAu6e0wbvly36l2EEkQD8oKvqlyl7miF:I55SWOyx5z5Y4TvHya0OlCEIkubuR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6c69f2ba2aa2668f622efbf0631145d_JaffaCakes118

Files

d6c69f2ba2aa2668f622efbf0631145d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 279B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ