0b0f7df210ebf9002b4ab3f7c19eec6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b0f7df210ebf9002b4ab3f7c19eec6e_JaffaCakes118
Size

655KB
MD5

0b0f7df210ebf9002b4ab3f7c19eec6e
SHA1

6196024b916d0678890810c9f7bebd43f5b4a080
SHA256

b253faefaad50370f062470d060d0f760f670033b3f7505c3e819ebdbf492f22
SHA512

fd5dc2eb6fd6c15132a63fa9a91d43fc49914e96bacba82b460067193f24bf54aba80e9d77c0e72033ba391931b45e06f3eda1d0364c4f12524be86320def310
SSDEEP

12288:ydmHldG9b6P8j9UhgGSdv33OGpdC+cWZ3NS3Sxo5H9sDLzHeIBv7pj:yQFdQeGuuGSuGW25JxkHQreIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b0f7df210ebf9002b4ab3f7c19eec6e_JaffaCakes118

Files

0b0f7df210ebf9002b4ab3f7c19eec6e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 518KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ