da23ab58a250fa2349b8247cbcd97b0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da23ab58a250fa2349b8247cbcd97b0e_JaffaCakes118
Size

713KB
MD5

da23ab58a250fa2349b8247cbcd97b0e
SHA1

42f7588577622b28530449329786fe127e344445
SHA256

b2938798d175cccd8503ee7aee8c791dfc9e086d38d46ae0ccdba9f38ea3b80c
SHA512

293cd898438f3fb5bc3335bc5872287ab85c525d30f9f12f4e6c74130da1e8c555ce2d21d36e2f9acf5416a269ec6ad412ddb8621b7b2b141464fc43deec2c6d
SSDEEP

12288:o8ac4dHG4E25Hn0Khh/1ZsgrMbHd0s2PZc5XO7TubjzUinU:ZJ4VEaH0Khh/fsg09lf5+XubjzU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da23ab58a250fa2349b8247cbcd97b0e_JaffaCakes118

Files

da23ab58a250fa2349b8247cbcd97b0e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 602KB - Virtual size: 601KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ