385a1063609e0cc85e5628407fbfdb5a_JaffaCakes118 | Triage

Sharing

General

Target

385a1063609e0cc85e5628407fbfdb5a_JaffaCakes118
Size

167KB
MD5

385a1063609e0cc85e5628407fbfdb5a
SHA1

a0a1aeb5342804a7033f35c07425f176f371ab3b
SHA256

d401f4e6b7d1e8ff83ef302c8dafaf188028634de0c4b88a74b767b9ae983857
SHA512

135d7c02efd2150f8e165132f165037e08f83e555e5f213af4f89074dc9be45e19346b188d857aaa20bb54affc64211263b939e38f5229f0911661af05f039f7
SSDEEP

3072:x8A3Q0G6ur5UqIfwqw5QarVDq2fTyCnTPN3HkqeWr5:x33vC5Ud4Q2+CTPlE+5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
385a1063609e0cc85e5628407fbfdb5a_JaffaCakes118

Files

385a1063609e0cc85e5628407fbfdb5a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE