ea11b34518d578b6dc7375ba59b14ac5_JaffaCakes118 | Triage

Sharing

General

Target

ea11b34518d578b6dc7375ba59b14ac5_JaffaCakes118
Size

36KB
MD5

ea11b34518d578b6dc7375ba59b14ac5
SHA1

4dc4666235dba856420e4e4750b328f9811a7c4d
SHA256

6b24728a701b6aa7ce13d89f728ba7767a40d5add1fff9ad075c5a40344938c0
SHA512

7b4df77e1da0feaae28226a643deb1efd71a42c9a5237f0d82619e1c6d2f95a48555ff890ea2865fcd4e78814b794cf3ea7318e7ec574c6d586edbe914b8a528
SSDEEP

384:yg/JX0fiiTOFOxvS68ZYQ5kcRZpgcSHcbFUCgkg/Tzfu7AmgEQhxsT3jH02dGAay:JJX0fiiBX6kcJS25g/nf45RlTa+apqh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea11b34518d578b6dc7375ba59b14ac5_JaffaCakes118

Files

ea11b34518d578b6dc7375ba59b14ac5_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gfdhtr

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ