fc275f65336e427811cfdc3e3596fe52_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc275f65336e427811cfdc3e3596fe52_JaffaCakes118
Size

86KB
MD5

fc275f65336e427811cfdc3e3596fe52
SHA1

f92d2302c063018c3d2075f1162511904bb8d591
SHA256

e923bd1001072175d62fd7eb0440db92d9ad539f1a7d4113eb6ee9008893889b
SHA512

c43b169715897675e4b77435daa04b472e9713814466b1a0d40eaf56d94efcea93daf540b2765703377a8ce98914e83efe7592d2439c6939c2c5e8d25e9ddd74
SSDEEP

1536:sRDo/Ya8nj8I2ntTjZu44pl81KNyjCmdiVHLLcQJzYYnk9ZNWXFweXHb4pg:I0bg2hK81KNym6iVFdVnk3Q1we7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc275f65336e427811cfdc3e3596fe52_JaffaCakes118

Files

fc275f65336e427811cfdc3e3596fe52_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE