2a1d1ec5681c2aa5f1e8ed5327ed2a8a_JaffaCakes118 | Triage

Sharing

General

Target

2a1d1ec5681c2aa5f1e8ed5327ed2a8a_JaffaCakes118
Size

80KB
MD5

2a1d1ec5681c2aa5f1e8ed5327ed2a8a
SHA1

8c27d0f4fe2dc84e251b272f3712931e3412df54
SHA256

1abe991fcfcbcb5ba2c743d703a1918c84d424d85637e02b778d62ba7c455802
SHA512

707e6e97727b3baacb7af6902533cacd965eeac0ca6df005a9811d447dfe2bbcda0275308873a2c5caf00fb8a0bba6a71fc265ca8956a9ebbfd54f009a403cc4
SSDEEP

1536:mwliezeDlrPeVHQH5d/Ah0fufUfl1Rv98PUM1eeVWF4AZPxGNOTJQrWueX:mUzeBPeVSPIhxfy/2xW6AVfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a1d1ec5681c2aa5f1e8ed5327ed2a8a_JaffaCakes118

Files

2a1d1ec5681c2aa5f1e8ed5327ed2a8a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

g
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hkqcke
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

x
Size: 832B - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE