306a999659b7bb99d31c6948695ed2fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

306a999659b7bb99d31c6948695ed2fd_JaffaCakes118
Size

132KB
MD5

306a999659b7bb99d31c6948695ed2fd
SHA1

237f2a6151c2120a147b4c8a1b24f098151a94d6
SHA256

0d73c03aa26456d58d5620d907e7eb9648143f01403e7cf187499f04e251ff59
SHA512

fd6893f4f27a52b8d4af291f9ca4a96230b760be0863756db17a64a9778e9ae255dc1c2955d1665f52fafe8c59992387a007561d95ec70e6891e49def9a975a3
SSDEEP

1536:HlaF72QWrnwS/fLA3Knb9mDlD58cWaGswgW5D6h:wF7inJfc3KbeV58HaGngW5D6h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306a999659b7bb99d31c6948695ed2fd_JaffaCakes118

Files

306a999659b7bb99d31c6948695ed2fd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
LoadHookOff
LoadHookOn

Sections

.Upack
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE