3bede8c794560bdff962043e87af269c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bede8c794560bdff962043e87af269c_JaffaCakes118
Size

1.5MB
MD5

3bede8c794560bdff962043e87af269c
SHA1

7485e26a2382c883992141896ab54f1a2d434f55
SHA256

691c488834f2f05e2ce6a9287db9252991423f9f45acda42d41ffd1c07dafb8c
SHA512

9f27fb882b02b16b5b71955edccf24f062fc58f70610d8e714fd586f169f0b652987b557ff0ce5fbb3a95d7b06341ab77e5d0cf2d86b48143f7264411c08d40e
SSDEEP

24576:8ZLbPDaewCdDktCQeHEReKxZlj6UyCPRvo6193FX:8hxgwJKnlj6UyCPRQ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bede8c794560bdff962043e87af269c_JaffaCakes118

Files

3bede8c794560bdff962043e87af269c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

�berhoff
Size: 1013KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�berhoff
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�berhoff
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�berhoff
Size: 512B - Virtual size: 4KB

�berhoff
Size: 71KB - Virtual size: 72KB

�berhoff
Size: 443KB - Virtual size: 468KB

�berhoff
Size: 10KB - Virtual size: 10KB