176475822499205a04be86bcdc3b9f32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

176475822499205a04be86bcdc3b9f32_JaffaCakes118
Size

158KB
MD5

176475822499205a04be86bcdc3b9f32
SHA1

bbc653a39a53a7866e40fbf5d9d867908e24c121
SHA256

5ab1c97a668319f6bf20cc1e4138d788c5973e915804a62e6791fbdb5dd74977
SHA512

1ddc3ec49e641ef29cbadfbaa8fefdf7898b05bb9de9189633ffea225d239a863f83b35736f8ebdd4844f7163485a87deaa49bad99e6637ccf5d4990b2aa1ed8
SSDEEP

1536:vshj6BsjkTmLVm4dujyK+F3ZK4jHWZ7Ay:vshjQm1m4Qjvky

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
176475822499205a04be86bcdc3b9f32_JaffaCakes118

Files

176475822499205a04be86bcdc3b9f32_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE