08b5793a66cdad1f48ca9e9ef7d42527_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08b5793a66cdad1f48ca9e9ef7d42527_JaffaCakes118
Size

1.5MB
MD5

08b5793a66cdad1f48ca9e9ef7d42527
SHA1

99f5a85e3fd101a376b85ccabfffcbf083b6bebe
SHA256

785fef897ea549466c86a7833f3296228e3cf2afbe5c267e81f364dd515414d2
SHA512

c328d16723ef4aabfc8d43d6d2e20755ce0f280567ae0c817f37194586b9f9cb2bcc7934901b89a2331ce74a219f08a27c90f3eeba882cb396061c631e54e494
SSDEEP

24576:bJladqxg8eF/JpyGorU5ShpoQWUw4MWn+tSWgzNH:tQk4/X5OoQxN+F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b5793a66cdad1f48ca9e9ef7d42527_JaffaCakes118

Files

08b5793a66cdad1f48ca9e9ef7d42527_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 1023KB - Virtual size: 1023KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 353KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ