eb8d2fbb69426b55cefba83cabf2f54a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb8d2fbb69426b55cefba83cabf2f54a_JaffaCakes118
Size

85KB
MD5

eb8d2fbb69426b55cefba83cabf2f54a
SHA1

e3352e5ec390627f2690dc65b971cf7c11652571
SHA256

a9c184289c049b088feded8e1a1f77999c6c335821a4be0b07307bd55239e3a9
SHA512

182f0cb574ac56d84d30cad411a1b7fbdec078ddba8a957c61d83b5e8379799214d4c90c11e275a7c3d43e2362698aec2437909929f98281cc2c42e09eeed1bd
SSDEEP

1536:TpDT+mEQwhUqRrU/VUAdCAYjCYZlCdkbb/fcOZJNCWJGJ4iHi3A3mz29T4:9DimEQsU8U9xgnmYZJrkgNCW+4i54

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb8d2fbb69426b55cefba83cabf2f54a_JaffaCakes118

Files

eb8d2fbb69426b55cefba83cabf2f54a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE