0ab651c4de273bc3564223cd32f0b3bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ab651c4de273bc3564223cd32f0b3bd_JaffaCakes118
Size

192KB
MD5

0ab651c4de273bc3564223cd32f0b3bd
SHA1

90457b83d4c8aa896116f303cdccf24a21e42e98
SHA256

e8e9dc5bc0e834f45ea6824c0fc8550960e0b573e7691727c171e09c76581b72
SHA512

e33b2edf3440428e9a71c207b05a01b8d3b1e181a5d505d79a9e41a7d3c14c64ad66f65fc2f9a30c6a9d337aba479e825026086b37e2bf12deda34c375458575
SSDEEP

3072:hMshA4T+I6VIG//C2DxAxojgjJgVPwbYPT4VMmfNErZeLeBdVw9+TpFLrD+u3V:7SA+I6VIGS2DxAJJOPlMLfNErZa8zJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ab651c4de273bc3564223cd32f0b3bd_JaffaCakes118

Files

0ab651c4de273bc3564223cd32f0b3bd_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ