e7bd60278e62e6b9bd5cb4a0b73c0254_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e7bd60278e62e6b9bd5cb4a0b73c0254_JaffaCakes118
Size

167KB
MD5

e7bd60278e62e6b9bd5cb4a0b73c0254
SHA1

246c567be5d6019f3d39ddc58ad6123180452f74
SHA256

203e22a8f8468c240697e420fd2a18c30b758e653bb0efb20369788b1d3a1e43
SHA512

9f99016b1e4c5c5c51a89d1cb3a048224a49eda6751a13257e7136dc19e71b71e4742adab5a7cb536eaf86d8a2df4e2cb8f73fd5ae8c914b0e9f830aafa5f81d
SSDEEP

1536:ZyxFGC8vPTYI4yR94XaVmLylol7LVpgKCzmYTThYfcB+B407v:IxcCmEI1R9caVqy+xLV6KCzPhY00S8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7bd60278e62e6b9bd5cb4a0b73c0254_JaffaCakes118

Files

e7bd60278e62e6b9bd5cb4a0b73c0254_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: 3KB - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE