2bbcefc9169377b6ef01ca2634085f9f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bbcefc9169377b6ef01ca2634085f9f_JaffaCakes118
Size

158KB
MD5

2bbcefc9169377b6ef01ca2634085f9f
SHA1

3e1fc9095d6f4eb6f738d743bb5bafa4a1a0f48a
SHA256

2e47932a4e364cccdf3b1435a049c4fdaafbbb97dd247a7373e2eb85fde47328
SHA512

461e37d7abdf4f49084330965dc4a94e624ca58e9150540b1a410b56e2ef606f1f379fb763c199defab732fd185b5b1f8eadd3f51ebb6d5990685c9ced7b9aa9
SSDEEP

3072:zmCUhwfsOinAL9+x8MCo4EGG4YA9yfpG:tOwUy9+x8rZi4YMyfpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bbcefc9169377b6ef01ca2634085f9f_JaffaCakes118

Files

2bbcefc9169377b6ef01ca2634085f9f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

5
Size: 3KB - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

s4qqe
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

i9jp8i
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE