02d17556555ae5f577be6300e4a1c998_JaffaCakes118 | Triage

Sharing

General

Target

02d17556555ae5f577be6300e4a1c998_JaffaCakes118
Size

87KB
MD5

02d17556555ae5f577be6300e4a1c998
SHA1

f091ffee4faec7162f3aaeb4b40739f57e511073
SHA256

ed954217d1eade30314b031ae7266958a99fe3069d0d99f8373a932a48fb86dd
SHA512

9e8d81d8cec0703a4b829afdfd0daf739f6d224b990057260667d56e1de90361feb2c1e54058dce07dfcfb7b868f10092aeea96cfe0fb0f0963c199b79d4b9b5
SSDEEP

1536:X0IzQWqT+C/GmAvDBtvLDWzEMz9eVDrFiuJ7rXs+qEhC/z:X0jT+CNSDBtvvWHgrFiuJ7zOeC7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02d17556555ae5f577be6300e4a1c998_JaffaCakes118

Files

02d17556555ae5f577be6300e4a1c998_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE