028b84d25b2cfff06a813b0a6a606660_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

028b84d25b2cfff06a813b0a6a606660_JaffaCakes118
Size

25KB
MD5

028b84d25b2cfff06a813b0a6a606660
SHA1

f16ed1b8c20495d0d592578ed7a6f5ac2991fd0a
SHA256

c2835b2a3113c673bcdc52baa419e58f1d02be657ab6e459f221e7b57c679101
SHA512

8699a210776dcc8067e24b63488716e027d28fbe892b32e271eac6f7adf01625d660822ea00d77b88a90de51b232f135212266715b360c12c095150fd1572827
SSDEEP

384:nV5NnTxvpnNLrLwWmHOBBUkeQvqgwepbC36RTVEobQtUI4pSbK7L:z9TJpNcZqBo2ni6VVEiBI4paK7L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
028b84d25b2cfff06a813b0a6a606660_JaffaCakes118

Files

028b84d25b2cfff06a813b0a6a606660_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start

Sections

GST
Size: 512B - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tGc�
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��l
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��l
Size: 37B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ