35ac73ea371a38c78f8807412b0b9b0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35ac73ea371a38c78f8807412b0b9b0b_JaffaCakes118
Size

123KB
MD5

35ac73ea371a38c78f8807412b0b9b0b
SHA1

40f69f71bdfb440455b74cfe93c0b2136f1f2cab
SHA256

99d090b7755f9179f27244e06670bafc5088c52201784813fa7138fedd3c50ea
SHA512

446ed6bea25c11f2f6dfcb39e92cd243f1b05871f7857be754ac428ee587edf1c3585d61873427919ea28771adaca8b7ddd1c7c048fd34f9514c826c54022569
SSDEEP

1536:U5hXBJQXV0A2IAw2q6cgLhcg+NM95FcQmx4UBY+vsewXrwt:MXBqXkISq6cShcg+GFcQs4UBY+m7wt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35ac73ea371a38c78f8807412b0b9b0b_JaffaCakes118

Files

35ac73ea371a38c78f8807412b0b9b0b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JSOff
JSOn

Sections

Size: - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 584B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE