33a053753f3e90e714f8eea0f451044a_JaffaCakes118 | Triage

Sharing

General

Target

33a053753f3e90e714f8eea0f451044a_JaffaCakes118
Size

71KB
MD5

33a053753f3e90e714f8eea0f451044a
SHA1

15233a9bbe770fe49e281e98067d165461fdb3e0
SHA256

1d1290e6dc6ee76f8cffc2701b78a0da1fd4b1214b3a403764f95fa80724fa66
SHA512

badf58baa9bf1a09b87c43243968fb0620263bb21833e3d5bbdaa0070e4ed7ff452cd940b6d9238b718df77e3cdec518f8e7ad14a05acca43ae11b1bd889808f
SSDEEP

1536:DXe1KlSBDBWUg30dXUYoGcAUsUr/1SDHqpJoo/IQStOtB:DXKDBWUgUoGZUZ75io/IQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33a053753f3e90e714f8eea0f451044a_JaffaCakes118

Files

33a053753f3e90e714f8eea0f451044a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

packerBY
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE