332f95eb0623c238f9776d0b2f4c9be2_JaffaCakes118 | Triage

Sharing

General

Target

332f95eb0623c238f9776d0b2f4c9be2_JaffaCakes118
Size

82KB
MD5

332f95eb0623c238f9776d0b2f4c9be2
SHA1

d7717b829e1615f7afc28808236b707fe8035ba2
SHA256

988bc6a1cf16cb0efb65036c8aaeae4a853a55c43109cf7365d9befe4b2e1bc7
SHA512

2a09e4d02e530a223fe957419b5fed6bbcb7b8f880111149c6eb4d4e97b770597ab7ec7c9e9d6968e224ddbe9d5c04e45505bd4a0b77b54c6ecd4009f0492023
SSDEEP

1536:tkFV+UjRbwz0pi4/C0J6WYDiVHbFCDXcb0tWcGhJW9rX:tkDBjmz0p9C0aGxeXA0bGhJW1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
332f95eb0623c238f9776d0b2f4c9be2_JaffaCakes118

Files

332f95eb0623c238f9776d0b2f4c9be2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE