2af75f347985fce4b81228fef52d8f8a_JaffaCakes118 | Triage

Sharing

General

Target

2af75f347985fce4b81228fef52d8f8a_JaffaCakes118
Size

440KB
MD5

2af75f347985fce4b81228fef52d8f8a
SHA1

0110e04f581ed1eb0acbaaecaa1eb7312c5c1d58
SHA256

d7d0e32c1850ee269f5378a5d263e11000fd9a0aacbff1bb4f60ed0fd786c453
SHA512

ae2cf88c9506f526fd5678632295bec72078a0e4ce7124d5a9a8693d0733434a578c179fd359f4f80ee731cf4fff0fdd97ae30870133a5b6e1d0c6b4034fbc77
SSDEEP

6144:G7gKZg1i2qZAK3XSZfYGLHMBmSc/WOYYvf7IMjAr6WquPnBV0syi31112bDjHvLO:G/Ai2qq7ZfYGocBWquPBV0mgDzAh1f/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2af75f347985fce4b81228fef52d8f8a_JaffaCakes118

Files

2af75f347985fce4b81228fef52d8f8a_JaffaCakes118
.dll .js regsvr32 windows:4 windows x86 arch:x86 polyglot

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ