04b075251fdeb68969169cb815fb9e84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04b075251fdeb68969169cb815fb9e84_JaffaCakes118
Size

82KB
MD5

04b075251fdeb68969169cb815fb9e84
SHA1

ed4da988946e26b84e141c0d22c47706d5c8bd5d
SHA256

e8490a16c32eaaf2b08ada98c85ed1afb84b3c88e5b637bc1c5fefbb9d2369e8
SHA512

5f59824c926dc9636d3d9a672b684bf505feeb5a3ba36fc2e67a7d0cc1931c7c0268ba3d4f46f50a6c3d363e1f34c9bf2b1b6047bcb722fb04e30d917b2b08ed
SSDEEP

1536:KFphCsonwUlNEzxWdrAvj0RPF0h8k79Pl5E0HW6OQ6tCT:KvGvmvIRPFidklA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04b075251fdeb68969169cb815fb9e84_JaffaCakes118

Files

04b075251fdeb68969169cb815fb9e84_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE