2b466f42f959d11d145e2180ce595d0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b466f42f959d11d145e2180ce595d0c_JaffaCakes118
Size

167KB
MD5

2b466f42f959d11d145e2180ce595d0c
SHA1

1396d4779f8eea18fdd9dddf5d0b3af76fa67c0d
SHA256

31e3226c1085d784d58783b7fdb5f3fc95ba16fa8c34ece8986c2cfaf198b294
SHA512

0432af409a7252bc0a001d6273f75db305c8290455a9aa89a59bb6c5ca4d66eec80a7a5743d1b959626153c24f445e95905045803476bd4aaf4560502af784b5
SSDEEP

1536:UJnKvnPKZ+7jXkDyHj4OpmAB33JalYZuDfxllIXXEw3lrFsiGqNSG7zo9Yp:UJnInPKoDkDyH5b5ZkepREFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b466f42f959d11d145e2180ce595d0c_JaffaCakes118

Files

2b466f42f959d11d145e2180ce595d0c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE