e8cdd6a28002568d049d1a23af082689_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8cdd6a28002568d049d1a23af082689_JaffaCakes118
Size

167KB
MD5

e8cdd6a28002568d049d1a23af082689
SHA1

a60bb967cf1505629508c375c6a810c6780214dd
SHA256

14fa8984417bc1479b0aac82cbfd6dec4976d8a9563888f0595aea31bde38cf2
SHA512

23e8f06b6f08c34d34263051aad4785ec41b36e99fd65a884752a56b8f0d4d4b82da89bbaa1a09fc1401ecb187390a70ee546eff67e2ec4530a44a7ba8b05b68
SSDEEP

1536:FytWyVv5a8eujg8sSZKU1J99H3Xe/0ucyH/OsptUhgWndPyxpa8TFPTk:ctfv5aNN89fH3Xw7nt3IF8pa8Tdw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8cdd6a28002568d049d1a23af082689_JaffaCakes118

Files

e8cdd6a28002568d049d1a23af082689_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

l8vus85
Size: 1024B - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ueo
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5v282
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5v282
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE