3bc16d10717c4a585ce9794eb958a889_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bc16d10717c4a585ce9794eb958a889_JaffaCakes118
Size

140KB
MD5

3bc16d10717c4a585ce9794eb958a889
SHA1

e5d6cd6af80eb15112ac4e7bdaf8b124a9758a18
SHA256

8f0e295334d38f0fe340dbb7cc44d22cc156b753dae84c3aac848870ede9590c
SHA512

5109aac127cd6b0a7eadbac3b2109a3b6143d8e43a0b28b16c9ed6ecea983f15ab3842408fa6082a2d43b381c718242c8936d08fd8b1e4d1885304c57bcfa8fa
SSDEEP

1536:SuIRDz76v/mj8NHCH0voGWMRPF0h8k79Pl5E0HW6pOYST6V5Fq3o5pGVS2:oRf7G+j820vpWMRPFidkFT4G3oOS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc16d10717c4a585ce9794eb958a889_JaffaCakes118

Files

3bc16d10717c4a585ce9794eb958a889_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

fzs4w
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8dsrg2z
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2vb
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE