10570a96515d890c9af4b282a14a3ad8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10570a96515d890c9af4b282a14a3ad8_JaffaCakes118
Size

556KB
MD5

10570a96515d890c9af4b282a14a3ad8
SHA1

b506fdf0ad8306f715f0a1e84dc34da509194326
SHA256

ac4ba3bf4e8c41aa9c56b867eb72b98479e4d64d91195a56d970ea3f92e8146b
SHA512

077a3a6391780b0235b76adfa8cf97cc72f1a2ed10d400971e94f6e7ce26ece777a03e459cfe754c2fde93a227d708ddf99084fe336397682fc7a0974318d587
SSDEEP

12288:hyA1ZdqVfv/6HftOIA3+00wstpSdCi3TLdrviXA8//AcWVBw1:B1fqZCHwIr00taCiHR6V//JW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10570a96515d890c9af4b282a14a3ad8_JaffaCakes118

Files

10570a96515d890c9af4b282a14a3ad8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 485KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ