f6b4cd7ea8eff2234e92d208d4732c31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6b4cd7ea8eff2234e92d208d4732c31_JaffaCakes118
Size

111KB
MD5

f6b4cd7ea8eff2234e92d208d4732c31
SHA1

8e696c0aece7837aa297708eba29ba61f586763f
SHA256

9cd2a0e68ae3e958a3cebdd47e6e7ff6b7212c162eed382e00b6c4fea0b1a940
SHA512

80dfb4fd1e73456c232db80ad584b418bd1d101677bffef5b5cac924ca9fb941b2ce55256695a68acd41c6d1406b9f25558f68923a96b8602e0cb7169075f215
SSDEEP

3072:pLEfy7U0Gjxj9LAyL9PdYvzYgTuuLbEY/:pLEfv0GtxLVP6EgTRLb7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6b4cd7ea8eff2234e92d208d4732c31_JaffaCakes118

Files

f6b4cd7ea8eff2234e92d208d4732c31_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Lgnkmln
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ