10c3950af2482b3d3c182f5c4f4dae7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10c3950af2482b3d3c182f5c4f4dae7c_JaffaCakes118
Size

688KB
MD5

10c3950af2482b3d3c182f5c4f4dae7c
SHA1

ad82b151d6a8d8427b7dd767c5781378219709b0
SHA256

67110346d716ac03c42b5363fa59cbcb7b6842a9969ade8d37da2f24dbe778d4
SHA512

1b954884bf37b5337388148c79912480187cae9c3dd5eff9f783792b1ad850b9f5bb4786a5947aca4d7f2efced43fded51171cfabaae4803bd4c94977ea6a54c
SSDEEP

12288:PVYysM5TUdw6R6OfJ6i7lDol9d1BPHRwDTX967rmOFL2tePm:PKy35TFq60bS9FPHRwDz967SOtA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10c3950af2482b3d3c182f5c4f4dae7c_JaffaCakes118

Files

10c3950af2482b3d3c182f5c4f4dae7c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 521KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ