f1af4908b8967d7b5ae1ab945e6dd66f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1af4908b8967d7b5ae1ab945e6dd66f_JaffaCakes118
Size

26KB
MD5

f1af4908b8967d7b5ae1ab945e6dd66f
SHA1

42df3dba2f49c0e3724287978cc497584e8078b0
SHA256

55629d0ced7f637dd6406c44977b0f1b6add57e2c67028676fe4c16182388580
SHA512

027a08783af0882affc7ae54bc5357d48803c1e0f85ab276355091729ffbbcc6a6f5384a9028d6fe171fe94759737a0b7bd0d300e1f023d9b0c06b4c3125e645
SSDEEP

384:Rucxz0CmYkqd+17sQyYWy83cqCk7Qxg3fWEB6KxJj7p3z40eeLtpAzuj/pGuWlVw:A5CmdqdSwQ/i+kmgPCMp00H2uj/gBlVw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1af4908b8967d7b5ae1ab945e6dd66f_JaffaCakes118

Files

f1af4908b8967d7b5ae1ab945e6dd66f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
HookCl
HookOn

Sections

CODE
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ