3f191ffe80d0f0e7dfb54033ba8f8590_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f191ffe80d0f0e7dfb54033ba8f8590_JaffaCakes118
Size

588KB
MD5

3f191ffe80d0f0e7dfb54033ba8f8590
SHA1

045692149f433eabdbf8d811e6a7bc82c6d60b13
SHA256

d80c6b4677440e1e556099057d1e3da9b441df488afdd726b1da3c99887519f1
SHA512

9f2726ab070d6d21e587dfa637b8c745d7cadffe29d1f9128459cc263047590d02e0c40d93f90d01ae80e1d984c34a97843b438ef8d08d35b7b35bd04d28cd8a
SSDEEP

6144:e5KVlL3xB7reTRz8Xp+8+NlxhnXV5cCLxSzmhbo+90EDfXFwtobyI1q6DOU7Bx0W:XlLh1iOXpVGr5c5mZojEDfXKto/P7BA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f191ffe80d0f0e7dfb54033ba8f8590_JaffaCakes118

Files

3f191ffe80d0f0e7dfb54033ba8f8590_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 433B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ