1b5797c1e61cadf94b25b146b95c13cb_JaffaCakes118 | Triage

Sharing

General

Target

1b5797c1e61cadf94b25b146b95c13cb_JaffaCakes118
Size

30KB
MD5

1b5797c1e61cadf94b25b146b95c13cb
SHA1

8f6aedb98340e0c42836947a30eacdcf2bd55559
SHA256

06370b351e6f8009606ca1f4dde75d2eb77e19d292e81396dd1b60814108a5c3
SHA512

f107849c096c35c7b0c226bd502573201642b3e4d648494f8a5eacd89219daa558ace4ec0974d4153feb83ab53a33f04a08d8f4e72c3f2476b98dceaf0e15619
SSDEEP

768:lLM8JjlVmnpNqRW+UkzOHJgTAHdhP8RCz:lLnjlVmHDkc9asz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b5797c1e61cadf94b25b146b95c13cb_JaffaCakes118

Files

1b5797c1e61cadf94b25b146b95c13cb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ClseHook
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OpenHook

Sections

CODE
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ