1808e9d779184b7012f2a7f1a3cbc483_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1808e9d779184b7012f2a7f1a3cbc483_JaffaCakes118
Size

18KB
MD5

1808e9d779184b7012f2a7f1a3cbc483
SHA1

66b109dc17cf820a5220a10638a523d052975b89
SHA256

fb8df86078368b3fef3cb23ea5ba1850a792b21c24af9069e62eff0f575f2c97
SHA512

a5ed72e192aabb658ceb8e6021481185698ad832a924da44bd46e5c15ec861a4beeb903131adbb65fcebaaca5b4f18135b829a195d802bb4473709995104eb79
SSDEEP

384:zdwhY8Mb3kkqaTGptKogByt2fDnLSIGYE+AQhy8cV99qfVc2Lo:gY8W0JKogBGCrupYlNy8+99wVLLo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1808e9d779184b7012f2a7f1a3cbc483_JaffaCakes118

Files

1808e9d779184b7012f2a7f1a3cbc483_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
LoadHookOff
LoadHookOn

Sections

.Upack
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE