091acbbc645924aeba6334cff7a9b770_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

091acbbc645924aeba6334cff7a9b770_JaffaCakes118
Size

17KB
MD5

091acbbc645924aeba6334cff7a9b770
SHA1

483813dd9afd0ba9ca3510aa55338ea5ec3b22c6
SHA256

e0170ef0fdaa3551445a3e681275f8fc05ad9aecdad7fc1eac3cfcfc3a4e1045
SHA512

6a6e79d6273680739ced1064c60edfaab4ad9d65c19052aa84dd18005e6559d67692b93b0f99a8d2415d15aad8516d464763258fb9017fbf823a078239cc78f3
SSDEEP

384:V6e1J5MpliA1Q9dECtZ9GeaaOJhp8rixRBB:AShA1smCtjGHVx9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
091acbbc645924aeba6334cff7a9b770_JaffaCakes118

Files

091acbbc645924aeba6334cff7a9b770_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
LoadHookOff
LoadHookOn

Sections

.text
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE