37c4f1e97467385089bc9eda1e37fd75_JaffaCakes118 | Triage

Sharing

General

Target

37c4f1e97467385089bc9eda1e37fd75_JaffaCakes118
Size

43KB
MD5

37c4f1e97467385089bc9eda1e37fd75
SHA1

6268d7d3d06ef5b7d04291631e983886911ab076
SHA256

09b90dec9d8eeeebc4366e8a5d08511ca9f2adbbc885e500356479ae31c66275
SHA512

2b33e6e293d51e6b2870e3252dabcd1188c36bf97201297f8ead08195d85f3e583c32ebd993b4173e0cdd874c29cccf4be80fab12a2a437f7a79135883f9387a
SSDEEP

768:+CSqWQ1geCiGnLTHpW1XiO5OpBl71nZbsqCYQFov6Wtwihx4hdrfszF:5SqWQGPnLTHpKiGOpBl7XFGFoiWtwQ88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37c4f1e97467385089bc9eda1e37fd75_JaffaCakes118

Files

37c4f1e97467385089bc9eda1e37fd75_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOp
MsgHookif

Sections

CODE
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ