398c571f0a75b0042c1b5426fcf3597e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

398c571f0a75b0042c1b5426fcf3597e_JaffaCakes118
Size

140KB
MD5

398c571f0a75b0042c1b5426fcf3597e
SHA1

7b63e3655158f3b81da0a732bafcf59cfe5b75a5
SHA256

c895f763d6b6edf8e4c773a0793ccafe7f83991329f8ad14f36b5f13099dfc91
SHA512

715216abf0a5019dfd65a970ecd91c27440449c922a7160edfb190295a4d929fb199c108a9f9397173ff82ab7bf221fcd6f46f9f11b60f84fba0987d924b8444
SSDEEP

1536:5yP1xwjI8WX9CnWq4tRPF0h8k79Pl5E0HW6pOYST6V5Fq3o5pGVS:5yP1cIH4URPFidkFT4G3oOS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
398c571f0a75b0042c1b5426fcf3597e_JaffaCakes118

Files

398c571f0a75b0042c1b5426fcf3597e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

av7
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ttmiqrru
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tl
Size: 71B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE