fb45ed3a6638ed5ab68ffa7690ea8d3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb45ed3a6638ed5ab68ffa7690ea8d3f_JaffaCakes118
Size

124KB
MD5

fb45ed3a6638ed5ab68ffa7690ea8d3f
SHA1

ed457f1d4c860ab1a162c1f476b9f9a3d71c67ad
SHA256

7a519a32e40277d8cd462dfb14782878fa93385dc78069b356820e7a41d6c9bb
SHA512

86bd7c77763c9b0bfa04e3cc82afe0a6a2bcd1c27c918944e234ae828f8176d1d9e109ef3280180163f03661d854ee95e9b9e0f1855d5466aa53001f20f623c8
SSDEEP

3072:VG7GsXoQERuS3nGGz+FoRz7kZ/WATUx7+p5CwzflLx9:+w73J6ZFTUxVu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb45ed3a6638ed5ab68ffa7690ea8d3f_JaffaCakes118

Files

fb45ed3a6638ed5ab68ffa7690ea8d3f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ