1a6a641ecc7b2bf514068aea1aaefd70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a6a641ecc7b2bf514068aea1aaefd70_JaffaCakes118
Size

70KB
MD5

1a6a641ecc7b2bf514068aea1aaefd70
SHA1

89a109888f51f6d2eb8561da5d4256be22add1ea
SHA256

b3fae34f40c36bccdea042c296230a081c4de98dd0731b633cb1bb30bc1129a2
SHA512

9362b107717662215d8eafe7025d3f542af4e8e7b47921f38fdbce6633a6bcb7e756b93e04ef75d0b445f1f9c636218538636e1d8ee097d4f490ae361e527837
SSDEEP

1536:8A1wLZVcrLUkzZZo+D636Vu//1WeJQ/c0eR8fkAa864hLa+B6l+TnkkX2:8A1KQLUOa+GqqpJqYRqhakLtQlKkkm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a6a641ecc7b2bf514068aea1aaefd70_JaffaCakes118

Files

1a6a641ecc7b2bf514068aea1aaefd70_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE