166f6fd95ad5065cecbbcaf8d0e6dea4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

166f6fd95ad5065cecbbcaf8d0e6dea4_JaffaCakes118
Size

31KB
MD5

166f6fd95ad5065cecbbcaf8d0e6dea4
SHA1

1bf494600da98d8dfcfa9765f257fdc2b7a849a9
SHA256

e73f7ab3cc3f038103cd382b809e81ca37479a51dcdd3c2b8fc311d88139e90d
SHA512

10428c8d1b670d3ea426d3b9fc7937711ca4db181a2cef690011f4612567ec817645f3ce554533553b80c9d405a39f65d58843f8b54aaddca20127b9c3e421a2
SSDEEP

384:RNNe06t9hcW1hQElMPF1o31ZO57pnR9C5LCvI9U6JsG7y8WIHLb5ZYjk:FeP9hzlgrhJbGL496pWwUY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
166f6fd95ad5065cecbbcaf8d0e6dea4_JaffaCakes118

Files

166f6fd95ad5065cecbbcaf8d0e6dea4_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
drtryu

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ