212d99559dc138b9a65e46fc63d615f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

212d99559dc138b9a65e46fc63d615f5_JaffaCakes118
Size

90KB
MD5

212d99559dc138b9a65e46fc63d615f5
SHA1

5be27ee38710201183e48edb19d08b94e5f8d340
SHA256

5760aae2f1465c7785e17c878f6eb761a36e61cd5c247fd8d6ad5855546a2ca1
SHA512

8a601d96e1e997ecd144b3f5caf2cf92dcf142cdaa298aa3ca3be9c8327d08920e3c8d71303fb2fab6dbdca45b1f528e204ac8ed366b03dd4a2f86b5d81ef209
SSDEEP

1536:sCxInV9bpCKRTWxXeESfsmECMiRYnsPvv4aKGimOPBm8+JZ3GmG4Ec:YVXWxXayFkYngnJKGjOwVE+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
212d99559dc138b9a65e46fc63d615f5_JaffaCakes118

Files

212d99559dc138b9a65e46fc63d615f5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE