3f80be539b245e3f9153a65533603f29_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f80be539b245e3f9153a65533603f29_JaffaCakes118
Size

563KB
MD5

3f80be539b245e3f9153a65533603f29
SHA1

bcc6d1ca625bce95bc6f11695628ea32e53698a9
SHA256

b63de89cb937d9ae05e314e9dd6d2859c9c24d0ef587b7bb829cad9d11ad2a45
SHA512

63d23e605b29a5ff342350617e488f84e1fb2039fb845a6bacfdd9848e9f9b39afdc7a2cd021939847bc68570a9668ba0bbff64978448838a308fca2fbcd3524
SSDEEP

12288:80Et9YDc/Tk4Po4wSSqodPF9C2vTgYnEYXGRE:EtWDcw4o4Ts/9CknJ2R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f80be539b245e3f9153a65533603f29_JaffaCakes118

Files

3f80be539b245e3f9153a65533603f29_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 486KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ