3e8adf8ed3fc2593c99b3077362653e3_JaffaCakes118 | Triage

Sharing

General

Target

3e8adf8ed3fc2593c99b3077362653e3_JaffaCakes118
Size

80KB
MD5

3e8adf8ed3fc2593c99b3077362653e3
SHA1

f889ca1cb20c2be4155fa424def4ab531bfec2c8
SHA256

58760ffcbb35112f59cd896b870cb1d3f8da561f4806c72af2c4b5cf4a2fdf8c
SHA512

8f91cbc90662f6fdaed2af0db3e3606919a7c866393b6327b6ede88d7a16e1e77919d8ce583f93a05d048592f312b60bae824a809f0f1df1df79bdf480f32dc9
SSDEEP

1536:8zOLyxx02e8mNvgGeY7fctwfihvg3bo4FXdFc40fKw9C+C5aN6fJqCYs:AOLyjze8o4U48MeH1Vw4vV0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e8adf8ed3fc2593c99b3077362653e3_JaffaCakes118

Files

3e8adf8ed3fc2593c99b3077362653e3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JSOff
JSOn

Sections

Size: - Virtual size: 164KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE