21fc8613c8524d79c6b03f2675717511_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21fc8613c8524d79c6b03f2675717511_JaffaCakes118
Size

158KB
MD5

21fc8613c8524d79c6b03f2675717511
SHA1

f0ef7c0f5b241ddd5685c8fac29a32cca02afb1b
SHA256

7d07c0262fe7e97d145c8f1a24433b341f687d90d540c8a6a354db4ee7c07e64
SHA512

0d2f2a3a9be309a4cae5a135cf0524395963e59e943f246705e4298f533e54907929d14d82b59d2aef37d793b457e50030f645ee11181ba19db6a61433eb5b36
SSDEEP

1536:AZAIa9iBvqEiMTRefUbBFbegDxBJbj5UbBk45p/VXTB9Lk4hRJazVb2//PB2Y:IAxihqEiGReQFbeKxXBgHVrI2RJ3nPB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21fc8613c8524d79c6b03f2675717511_JaffaCakes118

Files

21fc8613c8524d79c6b03f2675717511_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE