3a9bb4eb46afe3d0b6322e34c1d0599e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a9bb4eb46afe3d0b6322e34c1d0599e_JaffaCakes118
Size

167KB
MD5

3a9bb4eb46afe3d0b6322e34c1d0599e
SHA1

99e889af04b4f90e95a17d32fc12780d6bda575b
SHA256

27de8b9eb4fedf8064c928189c669a9858a2c2bbd5f48b7c285fac9611116617
SHA512

fead9d68d7786c8e235d593187c2f63bce2f33c547c821d9e0a54e15e96cd6c336c6305fdfc71248497f419fce7e3fc77755a3e13d5132b96d817e27149d54ca
SSDEEP

1536:kznbHYKi/2EhT7uQLylol7LVpgKCzDUJnbuSRnZWaV2V4XTL6:ybYKR673y+xLV6KCzDArFZWaV2c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a9bb4eb46afe3d0b6322e34c1d0599e_JaffaCakes118

Files

3a9bb4eb46afe3d0b6322e34c1d0599e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

zod7whn
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gz4qoqk
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE