36750e369f5f9817763d5b03548bd635_JaffaCakes118 | Triage

Sharing

General

Target

36750e369f5f9817763d5b03548bd635_JaffaCakes118
Size

386KB
MD5

36750e369f5f9817763d5b03548bd635
SHA1

9771eff86314de86df81eff7c812941cdac32eb8
SHA256

7ad06e53ef711594c384d52920f854fdb9e23c8d2d8e1336d3f034d36c450b89
SHA512

bfc2b1f87e13b8edd8a1dc26acf7c61fe81ee3901c6c6e358b7617bb6529eef42e0bcbc55f7e1dc932715b7cca25b06477edb6426006510bbe591de228d5f148
SSDEEP

3072:scWOH8ByA7OQDJPn6LEeH32BOiACd2GDafSySxo8eih1EBmlOxZ7OyEoS52I6KW/:kOqo7H32BOiSKafS1eikBuOxZOSeu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36750e369f5f9817763d5b03548bd635_JaffaCakes118

Files

36750e369f5f9817763d5b03548bd635_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 393B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ