29523a353f8cbba751cf1cf71a3b386a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29523a353f8cbba751cf1cf71a3b386a_JaffaCakes118
Size

158KB
MD5

29523a353f8cbba751cf1cf71a3b386a
SHA1

a07d9be7af583ef2a3072319004f2a231db66360
SHA256

e8f77123b0fbf9b75c1bc29a5bac42fa3345a92c54db2fe97435c6948068b65f
SHA512

52d93d60d4520587e1a408f5305fa4c95891a717bb96b63ffcd5ae755e847ffd574554a038bea0dd7c703b0db872081f09eb139dd9fc19a991217d106ccf3263
SSDEEP

1536:7wxsoxR9Id864+ZlfDb1SZG2p5iz70cy6vEiMkwX9pAxvLernHaoANdyhGD6+Lru:7wxswLhCBPnyg9wtWgHhArecr+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29523a353f8cbba751cf1cf71a3b386a_JaffaCakes118

Files

29523a353f8cbba751cf1cf71a3b386a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE