4608d1b6023f5261724c3fd54c37aa33_JaffaCakes118 | Triage

Sharing

General

Target

4608d1b6023f5261724c3fd54c37aa33_JaffaCakes118
Size

216KB
MD5

4608d1b6023f5261724c3fd54c37aa33
SHA1

fdd0ccde74107b173267ba155a1e02ff37c17ffc
SHA256

0a183c70f45f829f73d395483b7b71b11c09551d0159e188da6fc39914a29d01
SHA512

fcd453c2ce51e221afb5d964b3cd7e086cc99a1ef18612ea1050fb251fd09e78264bbfc4490a36b86956de04a11094523304480efe0375d45d43f0f6f285636d
SSDEEP

3072:gEfai7KEfai7KEfai7KEfai7KEfai7KEfai7:gNi2Ni2Ni2Ni2Ni2Ni

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4608d1b6023f5261724c3fd54c37aa33_JaffaCakes118

Files

4608d1b6023f5261724c3fd54c37aa33_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
drtryu

Sections

CODE
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ