08b205563e2e425ec8473d02d31195c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08b205563e2e425ec8473d02d31195c3_JaffaCakes118
Size

653KB
MD5

08b205563e2e425ec8473d02d31195c3
SHA1

34ca8d849d1b7170e63f3e623c76ff2c9186e25b
SHA256

7f535934278ee02589579cd782a6ca054ce6f7cf19c82bd2bd51dac660d67084
SHA512

c2866a40b8f365fc95edaff13a08dd79644f9a0db4e827a0041f86c666a81f3fd117ef82538003265027b9a88e0f76d82b582f95e7ad8e94d06a433da2039e9f
SSDEEP

12288:6dmHldG9b6P8j9UhgGSdv33OGpdC+cWZ3NpZLcsBH9sDLUHeIBv7pj:6QFdQeGuuGSuGW25zZLc0HQIeIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b205563e2e425ec8473d02d31195c3_JaffaCakes118

Files

08b205563e2e425ec8473d02d31195c3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ