fdbeecbf79e9fe80321d65597ad4d3a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdbeecbf79e9fe80321d65597ad4d3a9_JaffaCakes118
Size

89KB
MD5

fdbeecbf79e9fe80321d65597ad4d3a9
SHA1

c063b19d28a93d34b6dc628fa0bc478a2c0dcde9
SHA256

ed150db16ea61f0e08b602144061ec030b981c1ccabe4d162c17fa6ca5bc448d
SHA512

53a18f0fb7a458deda3c2261e33a75e688ab07d74fd7662cca036b691630eea26e1cb228b0052b3df1b330e54a47b54e162eb77178675594871381dd5f238447
SSDEEP

1536:4ZnNIp7zrWeHkxofJixPyn1uUqinSbVQIA25jgpUF6ONIP7Vf57MiW:4U5ExoxWPynVntV2tWUFDNIjVfCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdbeecbf79e9fe80321d65597ad4d3a9_JaffaCakes118

Files

fdbeecbf79e9fe80321d65597ad4d3a9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

dsr59
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9xr
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lnfy7
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE