04960fa86d52038b6e4e4e67ffab085e_JaffaCakes118 | Triage

Sharing

General

Target

04960fa86d52038b6e4e4e67ffab085e_JaffaCakes118
Size

83KB
MD5

04960fa86d52038b6e4e4e67ffab085e
SHA1

8e4eacd071651b7e508171d404630339a636b3c2
SHA256

cd8f4cb4213264437d87ac083a60103b9052d521cafb4926b702b10b7a48cab8
SHA512

c6bb326b206fb76c9a39cadb1ace9a311c9edcc8d58984ee07642fa6880f8107123d859ddb1b2fb8452c0f2b1709467096dafed29adea0cbcaf7a3a53414a2d9
SSDEEP

1536:qG86+eQEF/8Kxy6wXMj92+e8fh9sorhuqvwDMXnrp4PL50fQJIbue6XsL01Xjlu4:qMZQEFby6wXMRVP5Cglt12L5x+uPX40V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04960fa86d52038b6e4e4e67ffab085e_JaffaCakes118

Files

04960fa86d52038b6e4e4e67ffab085e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE