2fcb3a1f44bc33f2ef5ad5d81eca875d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fcb3a1f44bc33f2ef5ad5d81eca875d_JaffaCakes118
Size

655KB
MD5

2fcb3a1f44bc33f2ef5ad5d81eca875d
SHA1

06697b731c83619fdca55e54a8972879bdbc1bbe
SHA256

6949a262bfb60d6bab9fa5ffc1d4e5219afc3ace0a77c67eceef92972f06d6c3
SHA512

777fb2775c76a89b2486325f5b1cf6767e82f49cc4a911cde6d61a752bb660a7fe9fd6bdbefe1c92ac166989ee167236435fe94360122078a727670f05fba1aa
SSDEEP

12288:wdmHldG9b6P8j9UhgGSdv33OGpdC+cWZ3NddgeH9sDLLHeIBv7pj:wQFdQeGuuGSuGW25DdPHQjeIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fcb3a1f44bc33f2ef5ad5d81eca875d_JaffaCakes118

Files

2fcb3a1f44bc33f2ef5ad5d81eca875d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 518KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ