3d51709ddc71d36f4231edbf6cfd8126_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d51709ddc71d36f4231edbf6cfd8126_JaffaCakes118
Size

112KB
MD5

3d51709ddc71d36f4231edbf6cfd8126
SHA1

e315f0646dffa2779f51399448601dbbcc3c253c
SHA256

1652611d535ee1f426402f0b1086d1e15566b76dbf17337a26ce0cf740974ae8
SHA512

ec3dd64b74cd2220eab98aeb04fa5fa6fbb256f0b33214591e5c171ed0e0f8b4fd68f3ba6cb6ce43b5d38bad09f8095204c1befc3f3443348012a79b6ee67da9
SSDEEP

768:7tcKzyYWqN+71S192+W1LrT6usKUavrzcg14YHh+Dl4S:CIyVO81B1LCusJY4l4S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d51709ddc71d36f4231edbf6cfd8126_JaffaCakes118

Files

3d51709ddc71d36f4231edbf6cfd8126_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn

Sections

.nsp0
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE