385d6d9485d1ffea0d545400bb7fd72e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

385d6d9485d1ffea0d545400bb7fd72e_JaffaCakes118
Size

158KB
MD5

385d6d9485d1ffea0d545400bb7fd72e
SHA1

5565a8ca8cdca236a7da1a9b0d8cea13d67d14f2
SHA256

24bc6bad716ac41694e680b1a3fce19a0de32721e9dcb3a2db12e5aeaac7422d
SHA512

0999e474200a238ef3330cd4d969cb018b66ec4fd9f7741bd40b447223e974ec39946187cf7c543ce3ea95b2e43aa2eafd9bbf136d4d77389b88a3ea2c9cde7b
SSDEEP

1536:DcquMMPv0Reln1qMz19rnh7g11Xht4qBUezIVPubfAOJHXTYRNlBzYa6RF+daF4J:nePC4t70/jUnVW0q0zY3Yw4C0vYJF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
385d6d9485d1ffea0d545400bb7fd72e_JaffaCakes118

Files

385d6d9485d1ffea0d545400bb7fd72e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE