eba939efc762ba0dd95489c255613eed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eba939efc762ba0dd95489c255613eed_JaffaCakes118
Size

85KB
MD5

eba939efc762ba0dd95489c255613eed
SHA1

c675b0d36517ef71e6df6f5d90eb5eb97552794f
SHA256

798bfc444ba0bb3fd1ebe4fea71c361f47b9b53531978a043e3c57e38074915c
SHA512

9f554fe8e6a80cbce6fd057d96d0c0aee500e046f8d9f3522d7389926361fd240eaf82411323f89b127a37e56e695605e4e136f892b38f1b7d3c8a24429059aa
SSDEEP

1536:7d+HXX1XR9E7Wt2PAXMDPF/2DL8iSQ5vKSYdxft9Mj0KoQW0Jf1xhit3rwlSdeh5:Zq9EUd0FuDEovElMoQbJlMde44V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eba939efc762ba0dd95489c255613eed_JaffaCakes118

Files

eba939efc762ba0dd95489c255613eed_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE