08a44038b893b9a970e982db1dc2140b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08a44038b893b9a970e982db1dc2140b_JaffaCakes118
Size

88KB
MD5

08a44038b893b9a970e982db1dc2140b
SHA1

c8df15bd006ce16aa6f9103f132d8be63dc5a193
SHA256

db2a66fff9eb3f64f4733449f7657eb8174bda8737a4144d72074795539c5b72
SHA512

e1189cbf98d9f577ab3b41ea12b7417d78bd7a48316e1794465f93cae93d0700a0579efe9262145bf4df3eb0ec63b6cf2e2d6cad72345373202e3953eb6fd6f2
SSDEEP

1536:PEGxkWhEYX1cGEfOcPOGHLKBXu8gBFdRl4ZmsQGVK4duMLApx0H5NXxrM8bOGK:PEG5X1cGbBXuHBFdkMd2KauN0Z5xrMd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08a44038b893b9a970e982db1dc2140b_JaffaCakes118

Files

08a44038b893b9a970e982db1dc2140b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE