1af99159d42c359592eefc7ca09c6a9b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1af99159d42c359592eefc7ca09c6a9b_JaffaCakes118
Size

84KB
MD5

1af99159d42c359592eefc7ca09c6a9b
SHA1

db1318262e01d8730499ad5edd1485c80db3e154
SHA256

100bf7c10eceab2bfeb9fc5fc34196422d70387066108f686cf4ee9cc1333d9a
SHA512

7b43d7b4376957dbf5655fc47de9cd1aab352d97d679ecc41eb498f9f76796c7c8ea2683db16fc9f06f7579bfb5760aaf45cf1645db539f5c57b9a1802235528
SSDEEP

1536:VIsW3fyYANb0x6GZdxBJpGgXKXpaWWBGxxVSp25xwul/BzlYgKTx:yf+R0x6MrJpG6EaSxcp25xwYhjKTx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1af99159d42c359592eefc7ca09c6a9b_JaffaCakes118

Files

1af99159d42c359592eefc7ca09c6a9b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE