0ed64bc9f4a63c22f91124b1c8714352_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ed64bc9f4a63c22f91124b1c8714352_JaffaCakes118
Size

144KB
MD5

0ed64bc9f4a63c22f91124b1c8714352
SHA1

80aa834fa8947e0498ceb8bff3be23ad452011fe
SHA256

edaffcc4b2c6135780893e1874d879c56760fdcc250c31b2fdde97b18e3841b5
SHA512

c7b80ce40c1fcfbb7aa38535aa10f1783fba314b74d73c92b9a78175c150aca9245f94ba4b6c37acf8195e47dcbd9c2e20c7d360b3e8c105dab1ea24cde094ea
SSDEEP

1536:qZoS9Rv4bib11bbXfRapJpvhFg2v8ttDpsTnOmRVst/w10x407TT7kqQs:mXhnvRapJpPgxDpost/w10xTzvv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ed64bc9f4a63c22f91124b1c8714352_JaffaCakes118

Files

0ed64bc9f4a63c22f91124b1c8714352_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Uninstall

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ