3de5e9bf41246ef1afd781146d556431_JaffaCakes118 | Triage

Sharing

General

Target

3de5e9bf41246ef1afd781146d556431_JaffaCakes118
Size

42KB
MD5

3de5e9bf41246ef1afd781146d556431
SHA1

b15a13315e13700f4ac3d5e2c35ca12343a3c3b4
SHA256

d633cf382f045fa027d0ca10465fc06f2b30a495835fc8e915b93a10fc0b4e92
SHA512

a353e0042598f33f6557fe2db4285d44f666a0a195044f82018c8070c52baeff20ee5d9b0f1db8815f071f436650383a25ede8b7653e59bd07b6756fe511eb23
SSDEEP

768:R88tyk5IF3XcXxDCasMYbqRjPqibQskYyxad8KmlBdEbCYf3Z:R7k3sXxDCLCjPFbQsk5RKmlHHYx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3de5e9bf41246ef1afd781146d556431_JaffaCakes118

Files

3de5e9bf41246ef1afd781146d556431_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ