f579fa903c282f2d04a5bd7bf8278129_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f579fa903c282f2d04a5bd7bf8278129_JaffaCakes118
Size

158KB
MD5

f579fa903c282f2d04a5bd7bf8278129
SHA1

b42f1b36900f1e37a768cac02aa4cf37195f0027
SHA256

b5a0d585209e02ea37c1d5f63d69d1fa368704e64a311331c15a88d865f63917
SHA512

cd3b23aad6e6a47b63cf5cd9e2749aacc1ba3bc5917a039f077fee821489b518b1b1f1ad182befd052fc400db8d3b333a29dcf2fc627110e1855c6263436a0f7
SSDEEP

3072:SEes9iaWP2VOeepwSB+Ripi3lC+JesEn:nesFCIO7wScipiVCk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f579fa903c282f2d04a5bd7bf8278129_JaffaCakes118

Files

f579fa903c282f2d04a5bd7bf8278129_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE