0ffeb2770fe12ac72447b4805b993e25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ffeb2770fe12ac72447b4805b993e25_JaffaCakes118
Size

570KB
MD5

0ffeb2770fe12ac72447b4805b993e25
SHA1

701350cbbabb3633e2052b939dbfc92a757147d1
SHA256

05cf77863a8643bea6fa41ff4bb45e5b0f4d47a8dd8a12d616de9b527fe430a5
SHA512

f03386f7aa51706ebb6de2a39e64fdc5b43fb726f086982ce56c6f4c13695ca7c2c74e96a841aa91237745df7bee528fd930f83061c3beff7d37294d8c780d33
SSDEEP

12288:UCpnpjK4aBdZLU9y/RKRrv7aZExzdvZ6D6XHATIM:Uop7a7ZoaMdmZEZdvZ6D63Al

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ffeb2770fe12ac72447b4805b993e25_JaffaCakes118

Files

0ffeb2770fe12ac72447b4805b993e25_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RunOptions
RunProcessLog

Sections

CODE
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ