3281c2e0d6539d0467af8f9a3238bce0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3281c2e0d6539d0467af8f9a3238bce0_JaffaCakes118
Size

87KB
MD5

3281c2e0d6539d0467af8f9a3238bce0
SHA1

9e2be50ae31a76cec4abf7d35db0a13d8fcfb0cd
SHA256

720db902c73f5e7509039e1f711db03d942de38decdc41daa33dfc2f00fbf510
SHA512

3cc9ce3d49e6bd008ce8b8abff4eb6c58693fcdb42eb60b5a880903c2208e97fb22a19e45655e7924d3202f56788f91483d7141ce4073f96e742fdb97f2d6150
SSDEEP

1536:uI3CaBz9omm59NzK32DAF9oHaerBF7SQkzlclGRqlCEkIwxE4:pBzKmw9gmDk9oHRrz7cgz4T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3281c2e0d6539d0467af8f9a3238bce0_JaffaCakes118

Files

3281c2e0d6539d0467af8f9a3238bce0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE