f6566fcba46b6ae6c0ec8ba5ab334528_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6566fcba46b6ae6c0ec8ba5ab334528_JaffaCakes118
Size

32KB
MD5

f6566fcba46b6ae6c0ec8ba5ab334528
SHA1

ccddbd47133d7c9df9c1ae8722c9745e6f6b7916
SHA256

01ab3cf5d3aa936520632f5257f91dbf7bb7a8dc2f2971589bb9881ebf5575d8
SHA512

d3085b291e8c6abea82fb3a7dc8b683e960cbae00dbc2e3500e94bc3cdf408dd6061c338656cf8b1567ee6cc928c5003f27ce33351b680f4967bc931d757128f
SSDEEP

768:n+ThI7G5JUPnRl78gcs6ZGY0wVaxKswmsgcQ:n2hrcn8gXfZwVaXsgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6566fcba46b6ae6c0ec8ba5ab334528_JaffaCakes118

Files

f6566fcba46b6ae6c0ec8ba5ab334528_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
gfdhtr

Sections

CODE
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ