144a764e8fafa65be72ee988f05f5409_JaffaCakes118 | Triage

Sharing

General

Target

144a764e8fafa65be72ee988f05f5409_JaffaCakes118
Size

611KB
MD5

144a764e8fafa65be72ee988f05f5409
SHA1

2377742ab5c2769b378b69f3eea4cd46c12cfbe1
SHA256

09849013f519937160e8ba8a922d4deb2d4327f5e111165664c358215f1aa353
SHA512

ae9d28f924a7fdc9c73c6501d6bff2b8276b1bdffbae62b376638b4b26555350626631fabb32f138912270bd283b3d5448621230103ffb56e85a9bb7b6fb842b
SSDEEP

12288:NaohE5giRWq3Le55Kil3XZo5EDfXKtoOUn7BJ:N/55KsXe5EDaSOU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
144a764e8fafa65be72ee988f05f5409_JaffaCakes118

Files

144a764e8fafa65be72ee988f05f5409_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 437B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ