2933b86051540d443f9963e4b94eefbe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2933b86051540d443f9963e4b94eefbe_JaffaCakes118
Size

88KB
MD5

2933b86051540d443f9963e4b94eefbe
SHA1

ade38f05bd94191e5de3308f07be47bb22a67a49
SHA256

2625364af6a1c22eae76bd4a6758bb9fe4a788faeabc66059aca23f4f5ad574b
SHA512

2d980142d377c69605d6194190c4368c3d007cc99ec4a0888462328ce7945d502887850cc4a7a93c42b0b391427643d052638eeb46b7a0982be69fbf5337aca5
SSDEEP

1536:n7nVLWLd1ISEDfUCI/DI+BRRcI09+J/+bL4VefPXGFytaAZ2MOVu/JYwXIAsHdNg:7Vc1ApBxbaYL4V+LaDiavPPBO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2933b86051540d443f9963e4b94eefbe_JaffaCakes118

Files

2933b86051540d443f9963e4b94eefbe_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE