e7b7b226c86b69d782dc46702e250855_JaffaCakes118 | Triage

Sharing

General

Target

e7b7b226c86b69d782dc46702e250855_JaffaCakes118
Size

88KB
MD5

e7b7b226c86b69d782dc46702e250855
SHA1

3d10a4ab50c25065af6d2d42c5a5a177f3c501c3
SHA256

4e52fc9c465f24a7edaa18e41536a3230a972e2577d5ad3dcfbcc4150ba01dc8
SHA512

08898c4dd615d9bc436cad82ba41dcab0fa32c015a08bff49e76075552aa39ff57300cadeb0e27ef2ef9015031693c0507b80fc471ba9f7eff058c8ffd33405c
SSDEEP

1536:XUcjZoTIVGNFEQ3GtvEeSI7M5gr2QTbnARe1UfitevrNCAMb/zTgyCQdsPUN:EcjsQQEfsZN5TQWZoY5eQ4sI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7b7b226c86b69d782dc46702e250855_JaffaCakes118

Files

e7b7b226c86b69d782dc46702e250855_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE