f6c0cd65dada2d43d2a0eaf7b3ad22bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6c0cd65dada2d43d2a0eaf7b3ad22bc_JaffaCakes118
Size

46KB
MD5

f6c0cd65dada2d43d2a0eaf7b3ad22bc
SHA1

72235de38b8f4711f858fd719bc31c104fb7e2bb
SHA256

81d6e81c072dc62c7674d17adf16fb208b668ec4eec779ff4569172b61890124
SHA512

fe6e0429746a05b4446e68b100b29552937a66cc6e851ad7a53cac3da5f82d7ede0f3cf7b76615f643f768f7c5866eef8712e1f8012046db1c04aa125ef2b40d
SSDEEP

768:5mpM8VB5IRtRHZQFJbq68GLiHCjMAZ/r7jVsUm4L1u89+Xfx4q9sypxzA:5ajy5QbqSLiHCj/Z3emL79+X5RnpxzA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6c0cd65dada2d43d2a0eaf7b3ad22bc_JaffaCakes118

Files

f6c0cd65dada2d43d2a0eaf7b3ad22bc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MxHookOff
MxHookOn

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ