ffe782727bdf9a17b9ec4fec4a1a43aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffe782727bdf9a17b9ec4fec4a1a43aa_JaffaCakes118
Size

111KB
MD5

ffe782727bdf9a17b9ec4fec4a1a43aa
SHA1

3b1d9ebf3e03235a597bcbdfc56c05c806efc839
SHA256

dd27d1bed76bf4b1ca2a6f024e1afffa1d1aa4e32cfcb8c6c3d53cdb35f2f272
SHA512

733b18378666995c67646ad4ecd2d43f06f32cbbe379c70418f5b029ff343db14381164c164fabfcb0024aae7a35b449aa5e7daf9a8ec097b882fd0ecf3bcbae
SSDEEP

3072:m0L0fyDNjaIj2Xy8XAr4Dfj/l7bP/vY3Odw:vL0foeIj2XXArOj/9b3vY3OC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffe782727bdf9a17b9ec4fec4a1a43aa_JaffaCakes118

Files

ffe782727bdf9a17b9ec4fec4a1a43aa_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Ngmonla
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ