00447ba0fec884c5f0ae54241cd7b6f5_JaffaCakes118 | Triage

Sharing

General

Target

00447ba0fec884c5f0ae54241cd7b6f5_JaffaCakes118
Size

89KB
MD5

00447ba0fec884c5f0ae54241cd7b6f5
SHA1

f6321bfd2c18d1313bd09fa541fca52610665a4f
SHA256

12d9df6ca321dee486dbb6c2d5f2ce1c42c16d6d4f1ab118ccbc76985bf1d798
SHA512

05241b513329b1447f91767e8bd3307d14553cd82496cf6bc2097fb470be3848ac1e60ba1be612afe07119ad0728f792065b1d7b4dfe33c1dfb051bf67832370
SSDEEP

1536:NnG7KVWoNW8lAS1the//LNKKQwa6Lkn7G0gL2Isp3yNKM:oe4o/Y8Sa6L87Grspi8M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00447ba0fec884c5f0ae54241cd7b6f5_JaffaCakes118

Files

00447ba0fec884c5f0ae54241cd7b6f5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

kl85
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uenuj9
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

f
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE