3a7c78cbc1f4ac00abb157cb03358137_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a7c78cbc1f4ac00abb157cb03358137_JaffaCakes118
Size

158KB
MD5

3a7c78cbc1f4ac00abb157cb03358137
SHA1

d6b5e802f9ae099149df68d86c508ea3aa39de79
SHA256

980e4ab1da9f10dda1d16a5ec21107d0dd803b54365c43ff98515a19f3085f9a
SHA512

632b8ed1a75092560624b49f8255feebe35893cc216f32edf34f3655a46bc156b37331810cb99b46d6d67948f4327de19446d810c2d4ca5c71bc5d20a0e7100b
SSDEEP

1536:4fId4XwGEYiHW3FFD3pAt2jG6YsB7XsDePIrsLFNeK1KmxEwpOlvW3:uEYi220j7Y4DSwIrsLFEK1KmxE2Ole

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a7c78cbc1f4ac00abb157cb03358137_JaffaCakes118

Files

3a7c78cbc1f4ac00abb157cb03358137_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE