179fbd230ff785b5a832ad014c750309_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

179fbd230ff785b5a832ad014c750309_JaffaCakes118
Size

108KB
MD5

179fbd230ff785b5a832ad014c750309
SHA1

42ff36caa91433d624cf34122fcffc8ac1a27eed
SHA256

8cd74c36f94ea2c8c75f4d951a3c39784c5c596acf8aae6613184e7cca918615
SHA512

3dec420d287faf3b2a2355bc80a284532e498412c8bb0c024a7e7c2ff284316011f97e3613d933022f0827185f7c74efe708f5368faccb3233150ba99ef68873
SSDEEP

1536:bPB4RVaouYF+wDr7rDdqDLtZuar6kf8P7WQUXbTVI3:t4GYF+qr7rwtnf8TWDbhI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179fbd230ff785b5a832ad014c750309_JaffaCakes118

Files

179fbd230ff785b5a832ad014c750309_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ID
laspi

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ