388407b119c90b64c2ad2cdddfd6a1dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

388407b119c90b64c2ad2cdddfd6a1dc_JaffaCakes118
Size

158KB
MD5

388407b119c90b64c2ad2cdddfd6a1dc
SHA1

448911564aa95236ab4dbab4f50ff6bbc341eed1
SHA256

ef7d3d55b0741440fa592b84a362bb82682f9748c07d62e5add521911a71eedd
SHA512

22c47658d2438e93dbea904e199e87b607e24ab53ba2069b3b2642197a9b81d244c43456caf63d435fe0968af5027598c1633f5342e838b880ac639b7a0cea34
SSDEEP

1536:VBlI8lAKeJVh8yz4Zn5aSUV47d0Ytytm0CZDbFikk8H/9NvMt04:Vj3reHh8yz4ZnoSUm7FyKZDbZ14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388407b119c90b64c2ad2cdddfd6a1dc_JaffaCakes118

Files

388407b119c90b64c2ad2cdddfd6a1dc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE