3c4b3046463424f633a5aa282ebf915b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c4b3046463424f633a5aa282ebf915b_JaffaCakes118
Size

370KB
MD5

3c4b3046463424f633a5aa282ebf915b
SHA1

6f1b0968b6bbb12b1fd9109bb81246213465ae57
SHA256

2d475279da848e82d363425a371826af8bd70bff9f48d743668c3e7e5b393cde
SHA512

ac943ff6963f4710aeedcfddd8482f621bdbd3c60802d1fee498cf92baea47ca803bd1734c4666afc82cafc9ecd0641af0eb1d1df84222afa9bbf804dd33b390
SSDEEP

3072:06NICrsgAY3N5X62LQR2/jk4z/mpTbEtZmvgjMzpA8OxZ7OyEoS5dVs+iDXeBvty:RJ3HxMRyjk4LmpUKvgjwa8OxZOeeO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4b3046463424f633a5aa282ebf915b_JaffaCakes118

Files

3c4b3046463424f633a5aa282ebf915b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 393B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ