fa574faa3048c00f119d8a00ea666ea4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa574faa3048c00f119d8a00ea666ea4_JaffaCakes118
Size

86KB
MD5

fa574faa3048c00f119d8a00ea666ea4
SHA1

97d83f3aa89e151c2e0b3a3813ce91622a481cae
SHA256

517e5567cdc95dd15ff20b518531c5f6fe81f34368457a00cc397c24fee52708
SHA512

6c4b3a7d43e3bf44fbca8262de8c9dbe708b654e83d184b178dea6708550dd377ee553f484386b267007fd96b9e675b71ccc7eb5373527d343ebc3ec2bab1604
SSDEEP

1536:QL74v90Hg4kw2n446hCbwtBsz4rbaZo5lXoUn/Bn8xg5iWqUPmNDQhRRTGjb0Kqk:QLXhin4bM0BszUbt//B8xd9xqEjb0PQr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa574faa3048c00f119d8a00ea666ea4_JaffaCakes118

Files

fa574faa3048c00f119d8a00ea666ea4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE