2a389a590fefd618fb72c547f9a99f08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a389a590fefd618fb72c547f9a99f08_JaffaCakes118
Size

140KB
MD5

2a389a590fefd618fb72c547f9a99f08
SHA1

7def18ab930e9796da86075ce1ba7b88549f5ade
SHA256

a39d65a19fd7cb61169be2ad2fb125760ca7170af2c757cc396c5b28a8a65e0f
SHA512

da5913aa9eb9b9d24fd81b920402e284b70415d6a456eb1f1302d9a6ae44643c6864748bb7830354293a92789417311f3fa3fa4bc82711b2eb70bb71866f9498
SSDEEP

1536:JTXt5GWKmwNDUPj/Aw9NOjF/Dk5+WqVoHiLQUNi:5GWK+j/A0NOaILH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a389a590fefd618fb72c547f9a99f08_JaffaCakes118

Files

2a389a590fefd618fb72c547f9a99f08_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

ix
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r22vfre
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

54
Size: 795B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE