39a12f66aeb87ea6ed712e3f2515ae4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39a12f66aeb87ea6ed712e3f2515ae4b_JaffaCakes118
Size

89KB
MD5

39a12f66aeb87ea6ed712e3f2515ae4b
SHA1

b298758a36f5bf65499ed94af44391740c2e497d
SHA256

97e6f9437d9f4f3c0e07d1c411665a8de6f06684a5e166f7194e281e14ebf92c
SHA512

c022448b71accaf0354bf0b2ce66c470296bcc0ae14b9402a5acd38d2e1409005fcfa0eb118d0a649bc1eb0a6e2ae8c45747ef9c4e69fde4ee5805fffccdb7d3
SSDEEP

1536:IBdvxc3wTi6YRQIvr/iGkeeTWECH6QuBnCOAcM30D1EDxCQKBpOG2lr/6:UjlTy6ID/iGtdE2MnFAcxIgXpQ/6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39a12f66aeb87ea6ed712e3f2515ae4b_JaffaCakes118

Files

39a12f66aeb87ea6ed712e3f2515ae4b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

k
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

c
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nnit
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE