051d69ce1c5ad50313d05f0fc4773b37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

051d69ce1c5ad50313d05f0fc4773b37_JaffaCakes118
Size

45KB
MD5

051d69ce1c5ad50313d05f0fc4773b37
SHA1

5c650a7a80a5f1b8df03dbbf4d58ab59ee8b68b0
SHA256

1ceb84191a0746d00a935c7e77988d1fa46a37d2c6889c4af2ae7d1f4ae5c570
SHA512

9a0b2ca2d29afc5f96d4634f936c162110d002f8fb9ce0a6e831ff68174994f1e0a0fbea9c6812f3da5ffd087710fb23537012952c66cf020f08f4f8effb1252
SSDEEP

768:eXCSqWQ1geCiGgLX88+6J6NKLiO5OpBlmn7eQzILohuFW1UnOxVHJ0N:eSSqWQGPgLX88+6bLiGOpBlmBIsIFS54

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
051d69ce1c5ad50313d05f0fc4773b37_JaffaCakes118

Files

051d69ce1c5ad50313d05f0fc4773b37_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOp
MsgHookif

Sections

CODE
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ