fd64cdcb9f9cfdc4c13650277e8c935c_JaffaCakes118 | Triage

Sharing

General

Target

fd64cdcb9f9cfdc4c13650277e8c935c_JaffaCakes118
Size

91KB
MD5

fd64cdcb9f9cfdc4c13650277e8c935c
SHA1

ed4a2f334776347f6ac53406938dceebb42a67d1
SHA256

ede82b96d4fea3a7544b33e2df36f99bbdb1248b6848f2de22caa8b919ea07e3
SHA512

a41bdc952537f7045363ba87e39479b8b968380996e8370c5599c06bcc460f3f301ed42f3f8ae1bf14a97d81f2303cd93ba289ed63a5860f304ecc3cc4349069
SSDEEP

1536:gDs7p1t8S9SjPKK2hLLBGT1C7hstJR6GD2dfo7D9ZELcuDf3RPTT/yrKtH1C7L:NMS9SjyK0Ld+4lsLRvkAD9IDfRPTTD9O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd64cdcb9f9cfdc4c13650277e8c935c_JaffaCakes118

Files

fd64cdcb9f9cfdc4c13650277e8c935c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE