dc6487e255bc7bdf1dcaa27f88831e23_JaffaCakes118 | Triage

Sharing

General

Target

dc6487e255bc7bdf1dcaa27f88831e23_JaffaCakes118
Size

251KB
MD5

dc6487e255bc7bdf1dcaa27f88831e23
SHA1

aef940f14b3309c67479fe04bee1895b01e45e7f
SHA256

e899a21b9057a8478750be875df63687a60b6d0ff1c98cbfa6463b02f7491018
SHA512

99b5007150cbb285b74e785db1db6ec5a7585112d28f35041309566d84cf4176c0824acc438a1fd5a0d5db54b45e2e2ea2687d5f6763813b8f3859e9a3683bde
SSDEEP

6144:B0PXtkPWDkHIPuokcdcK0ffhEVQNMazA88:OfbPuncHQYQN7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc6487e255bc7bdf1dcaa27f88831e23_JaffaCakes118

Files

dc6487e255bc7bdf1dcaa27f88831e23_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OE5SimpleCreate

Sections

CODE
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 191B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ