050864f48293aea77404ab851e06697a_JaffaCakes118 | Triage

Sharing

General

Target

050864f48293aea77404ab851e06697a_JaffaCakes118
Size

21KB
MD5

050864f48293aea77404ab851e06697a
SHA1

752c022625b5a6808a4c8cbf90cc000f60d59e13
SHA256

75b53c191f7201458b51bddcc43317fd58dbf74c1ea4a7f659517cbdd2e6cc7c
SHA512

fe41b582fc6a95b5e35d7f615c7e087e4147dd415ebd019db3145108ed61f41e8c2a5325486409085beabcf81afee6e848f8c8de845a709c20904c708f32ef8f
SSDEEP

384:KX2vD4nKoatxK4ED8XVRdvwo/7/vVgvTD4qLIXtFvEV+2oDxnG:821K4I8FRdvwozFgndE9pE2D8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
050864f48293aea77404ab851e06697a_JaffaCakes118

Files

050864f48293aea77404ab851e06697a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn

Sections

Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 859B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE