ec5e6406f30f9f0fb872d126c0afb996_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec5e6406f30f9f0fb872d126c0afb996_JaffaCakes118
Size

167KB
MD5

ec5e6406f30f9f0fb872d126c0afb996
SHA1

972c3db35392d8b368cead8e199b18d6df009a27
SHA256

2c84d6da23c7135fda5503011b583b0356774208c238b9a982559e5c3bdc0d23
SHA512

659de411e17b02d437837f8874ba8c652e53453204dad05bd7355173f07039fd9e93a7f27655d949d585cfe09ce4668548cd70a1f1d8f59267224177ff96e962
SSDEEP

3072:eUuHKXW86BUNsPGCyKCAy4n6K33D43EjdlOIP:eamxRyKCAy4n6K3z40p5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec5e6406f30f9f0fb872d126c0afb996_JaffaCakes118

Files

ec5e6406f30f9f0fb872d126c0afb996_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE