38b0560d63c3c13dab346ffe3691c7f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38b0560d63c3c13dab346ffe3691c7f2_JaffaCakes118
Size

140KB
MD5

38b0560d63c3c13dab346ffe3691c7f2
SHA1

8dfde74b1ce05a8a44a8287f7436580e8e053bed
SHA256

e5eec396da84db063c3e83a22ecae30d80ab3d8fc81f2920b702f6e61b5919b8
SHA512

d0d7e4770cb8545cdec79ded919ff3150373c366a96816472bb609a157f20b09f605a64ddd1bdae7a71cc4e736899a734da03b47526cae0ac1b8ea6e634d197e
SSDEEP

1536:369sYkHOgBW+pAG6ECFzGb5WRfRPF0h8k79Pl5E0HW6CHoBf45:zW+pf6ECFzrVRPFidkh2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38b0560d63c3c13dab346ffe3691c7f2_JaffaCakes118

Files

38b0560d63c3c13dab346ffe3691c7f2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE