41fe40818f0d5fc13ef28484cfdb7e2d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41fe40818f0d5fc13ef28484cfdb7e2d_JaffaCakes118
Size

517KB
MD5

41fe40818f0d5fc13ef28484cfdb7e2d
SHA1

6b1b6e9f0dd4f15a0b7244049b79164789914e9f
SHA256

bc1080151154939f8ae9a57dc5f3ae4b5cf013c6b7128c4d217193ab48830b05
SHA512

e964dfdca04557689d16921e87ab5ecf9b2421b1f2ce80df9f614e0d0c0914a3227bcf742697cbf184aa1592647029e90be8b8b424de40abeaf3d9076c73f8e7
SSDEEP

12288:o7Eat0KEdOMeSW0E/IyG52uQCTXyb802GaqI+Ow8:f40ZuSW0BH56Qy+qI+Ow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41fe40818f0d5fc13ef28484cfdb7e2d_JaffaCakes118

Files

41fe40818f0d5fc13ef28484cfdb7e2d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ