05b607401fb6f44e9ad396b33f86bfe0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05b607401fb6f44e9ad396b33f86bfe0_JaffaCakes118
Size

783KB
MD5

05b607401fb6f44e9ad396b33f86bfe0
SHA1

6d75dbf64f95d84b4867e47346aa5ba4f7d6637c
SHA256

c04d4a1f5ac18ed4dbae16edb40a4ab93ddec7195b2c2c62a2ea1a8db6e17df8
SHA512

7bf62065942a7027a5317942bc6088f6dbfede452ae5f6508cfc392ed76932589f869e63240f29ffeb55bea39df12687ee0eca5b8f98e148233829c347dfe00a
SSDEEP

12288:0soe3MyaMpB81p/AurXvQbQ1yR+zLd5G3jvbHm/07tC4VcU:pxb3pB81p/A8YE8+zLDGXGIC4mU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05b607401fb6f44e9ad396b33f86bfe0_JaffaCakes118

Files

05b607401fb6f44e9ad396b33f86bfe0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 594KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ