063761af45e91eeb0cf6b540a68a3d15_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

063761af45e91eeb0cf6b540a68a3d15_JaffaCakes118
Size

709KB
MD5

063761af45e91eeb0cf6b540a68a3d15
SHA1

752e18b02b27fd8949eb34717ff75fd9240c151e
SHA256

7e3ed6401da9ccd9013df5a969c7de36bb2c89ec2ecc2c6b57f4e6afe5f72555
SHA512

4413c3b1c68946da4b1c080f0c8cf6f0a95ca2c1e80dbec4bedadcab957cd851a219faeaa9ed63cf309a6d2605b4cde446d50cd443814eb163a7000271b049d8
SSDEEP

12288:VQVH8DGF6m25iuZJNIvNLjZVLY26e2HUQGJ+1hWcQs04bvEFJuPP6ojHeIBv7pj:WcDpmU34xdh6TUPukgAJun6qeIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
063761af45e91eeb0cf6b540a68a3d15_JaffaCakes118

Files

063761af45e91eeb0cf6b540a68a3d15_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 576KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ