2c8f5cb7730fe698c552eae4ceaddd11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c8f5cb7730fe698c552eae4ceaddd11_JaffaCakes118
Size

158KB
MD5

2c8f5cb7730fe698c552eae4ceaddd11
SHA1

41b71f35647414e141bf031ea15c14b06ea3e0a8
SHA256

0bc11a6989c422dec405aea8f6851b19121bb1026833fc71bf8292da707a8373
SHA512

945c34a0686937e0eb6c057e5d1f7e077488eeda78838ea2c70e3bbaf1b318223219096525c20cab83c62e2df6fd7d496107f7d991c289cac7dbbc10375d761c
SSDEEP

1536:QL74v90Hg4kw2n446hCbwtBsz4rbaZo5lXoUn/Bn8xg5iWqUPmNDQhRRTGjb0Kqh:QLXhin4bM0BszUbt//B8xd9xqEjb0PQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8f5cb7730fe698c552eae4ceaddd11_JaffaCakes118

Files

2c8f5cb7730fe698c552eae4ceaddd11_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE