465bb193ab800ac9324b9c3d24d18b44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

465bb193ab800ac9324b9c3d24d18b44_JaffaCakes118
Size

273KB
MD5

465bb193ab800ac9324b9c3d24d18b44
SHA1

d8294adb90b8b4686ce5e9e435ac77c107eb99ce
SHA256

db96f941ae50ea78ec09c7c3fc375e83c929681d2e341960ed8c8e7c2db266bc
SHA512

cf13ddc9f57e129451cc9af2606d13113970607a4c0be93018d20f87436c688690da9e1af999839c7af393b0c3eecdfa6a41514a6e140062dbe000e23fadf58d
SSDEEP

6144:hRtY0njOi0iRtY0njOi0iRtY0njOi0iRtY0njOi0iRtY0njOi0iRtY0njOi0iRtc:hRtY0jOi3RtY0jOi3RtY0jOi3RtY0jOK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
465bb193ab800ac9324b9c3d24d18b44_JaffaCakes118

Files

465bb193ab800ac9324b9c3d24d18b44_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
hgfrd

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ