df6f4fbb96f9a3c69607f9d8fb181a94_JaffaCakes118 | Triage

Sharing

General

Target

df6f4fbb96f9a3c69607f9d8fb181a94_JaffaCakes118
Size

508KB
MD5

df6f4fbb96f9a3c69607f9d8fb181a94
SHA1

d4671b659101d6329d7d32c13790b585e05a768e
SHA256

3060fafd4d3e99c77e7e8e1ee92bfa0f8b05e0294aa0973a28e5bf51097b5a79
SHA512

98d39c1ba7c3a0e8c4f0e992f8f5d857bf70d97ed13f83a8670e384a02b4a21468b01d17478d7433925366b6355f4b50f3bd54ba699ef80098d577d550120baf
SSDEEP

12288:Ku2+PqmNNVlv7VanaiNqELQMDwPPplW6OE69G:Kl69Vlv7VaFzL9QPbNN6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df6f4fbb96f9a3c69607f9d8fb181a94_JaffaCakes118

Files

df6f4fbb96f9a3c69607f9d8fb181a94_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ