0610b5a7c858d4c2175cd94c91670f83_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0610b5a7c858d4c2175cd94c91670f83_JaffaCakes118
Size

686KB
MD5

0610b5a7c858d4c2175cd94c91670f83
SHA1

965fbb5fee5983c85d17667d5e366ac151c713c5
SHA256

a7373f6889a82d763c887d02bf0b4850dbff1674b53fd53477ecb54a7eb97af2
SHA512

681b9d7706b0451e34ed558f9774cf9ce75a6a30c2020611e4dcd2e1a979e4f954292a55c6c6b71da38a7bb031bf71029671f0b6839b14ff4a30a660fdfd5c9f
SSDEEP

12288:idUXYC8MJIdwKRKEZspirlD41dN1hPHBwDjHN++YlbtjOFx2tePm:imoCHJB6KE2ISdVPHBwDTtYlbhOfA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0610b5a7c858d4c2175cd94c91670f83_JaffaCakes118

Files

0610b5a7c858d4c2175cd94c91670f83_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ