3c5928a0e4f02700bee7a2bfe237f388_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c5928a0e4f02700bee7a2bfe237f388_JaffaCakes118
Size

1.3MB
MD5

3c5928a0e4f02700bee7a2bfe237f388
SHA1

a24c251c9b145ab96b57cf1e80406bc74e8d6d04
SHA256

ac9a4c97b8397ebef3b8e8cd669cfafd8f0b00ccdffb909a64889a7baef35b94
SHA512

5c20ac54b378400c1a770e18f2ccf0aa40f3642be505d4e2f3e1a508b8b949b2b21536113b5bb31dde7ef069ba5e41c004fa4a2d74915952053b3a31233843d9
SSDEEP

24576:MU8QZO4MUykKjyafLD5GTcBhB0JlZlVMi99s66666666666666:M5k6y8cTKIZ7ML66666666666666

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c5928a0e4f02700bee7a2bfe237f388_JaffaCakes118

Files

3c5928a0e4f02700bee7a2bfe237f388_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 703KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 545KB - Virtual size: 545KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ