2b296ed372dbc22ae5f6ef22e3b689cb_JaffaCakes118 | Triage

Sharing

General

Target

2b296ed372dbc22ae5f6ef22e3b689cb_JaffaCakes118
Size

158KB
MD5

2b296ed372dbc22ae5f6ef22e3b689cb
SHA1

08b44d983f38f702bad20f78c63c2616319bbdb8
SHA256

e089051933fa3304b6d0193616cb0f260fb1508bad460bb75c479acc893a8ee3
SHA512

d63bca468a834a73016fd862ffa77e2751e54585b5b3f1e1d6fe298a28e84199be96eba41306ad418f1882bfd83c3f473c05c707935e68d161fd3d71f9fbb167
SSDEEP

1536:UpgkG2kH8/9rlYZSOBnn8AdcyRIDsz4rbaZo5lXoUn/Bn8xg5iWqUcK89RDO0gh4:xkDks9An5DaDszUbt//B8xd9nD7+9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b296ed372dbc22ae5f6ef22e3b689cb_JaffaCakes118

Files

2b296ed372dbc22ae5f6ef22e3b689cb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE