32c8ebad057f23552341dacd7e8515fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32c8ebad057f23552341dacd7e8515fd_JaffaCakes118
Size

44KB
MD5

32c8ebad057f23552341dacd7e8515fd
SHA1

4cf0b8db407be5bdd3dcf88029104f642811e82e
SHA256

ba3d903d1ef9b3065c976d4861e2bf79a51d992ec49a09d20e7e78cd950d86f9
SHA512

0b4a79c2a57a9ac8ece2edef79dcd9820ab791d7f8995342f62ed19325c7bc585e79b7c52cf9d8a09cbe9765f1b43f5c093721d391aacd81d566db52a8189ac9
SSDEEP

768:8CMq2QyeQly2sW2UG4ulM3+GI10LGPCS1/SSvylvElHKNnKq6+:LMq2Q4cUGXlH7GGPvSSvyZtcc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32c8ebad057f23552341dacd7e8515fd_JaffaCakes118

Files

32c8ebad057f23552341dacd7e8515fd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JHookOff
JHookOn

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ