088ddf1c7ec5454ce7a5a12564fc83ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

088ddf1c7ec5454ce7a5a12564fc83ba_JaffaCakes118
Size

45KB
MD5

088ddf1c7ec5454ce7a5a12564fc83ba
SHA1

54a2078780b54c1f0ec04fc389aabbe61d55bf75
SHA256

71ebc151a86264c6c565ec8cb673ff36b49d5a885f70d64821d36f1aba8523f4
SHA512

7cf07c3eeaba4463bfee03ad5347b49a3a4d82dd4319e3a465cce894fb86ac0bb5dec762520b33d8668de7ca2a6e83602c6b41ad9eb8fccee6e0294de4267de8
SSDEEP

768:fSQMqQCpiQoMxKbwdIeu8iO5OpBlhrJ/Lrjak/c6E0fTLlVbgUND8xO3QgdOy9:qQMqFpiQmbeXiGOpBlhrhNxvlVbg+0+X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
088ddf1c7ec5454ce7a5a12564fc83ba_JaffaCakes118

Files

088ddf1c7ec5454ce7a5a12564fc83ba_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOf
MsgHookOn

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ