f1a023aee43676ae131360356fd06962_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1a023aee43676ae131360356fd06962_JaffaCakes118
Size

86KB
MD5

f1a023aee43676ae131360356fd06962
SHA1

169f15ff9a7b299aecfd54f8a021563998cb52b1
SHA256

39a90b503a663f4b6d4bc91bd6958f9dd789babb28f99f42e11042fb1b3f93c8
SHA512

05aba8a5840db5967e4247e1fa814245f490fe9e405c04c55dab5d156ba967a92ec7f25acb1c4ec40dda0673ef67de52a8102aa5a83afc32e7739dc0ee84f089
SSDEEP

1536:Te2vKVdq6zPVakQ5LPy1G5PBeRoN6BXNiV2EgTpC4zYa+JR73nWmh86e7s4:T/yrPVakQkW5OB982EsZ+JR73nWmh864

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1a023aee43676ae131360356fd06962_JaffaCakes118

Files

f1a023aee43676ae131360356fd06962_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE