40f44816ab911d7ba9be7b7ea6d2f37d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40f44816ab911d7ba9be7b7ea6d2f37d_JaffaCakes118
Size

167KB
MD5

40f44816ab911d7ba9be7b7ea6d2f37d
SHA1

18943cc3df106706ba51fe12370fe2895b053b67
SHA256

546493d6f8abdb63148f5ba1b3be53c530e05ba1b157724b6ab26db8cd9be240
SHA512

c45c113beccf5a09621fcf0118b9445326104c647c7adbd75a970c11e047ad7dd618b629ffa1609d964ec0aee81badf196a78fbedd2c62b4e7f8437939fee0e6
SSDEEP

3072:vSaDJLjYGT6br8turWlHe8MlkX3dJrsD+nb:6YJLjYGTWUnl+8MlutJrs0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40f44816ab911d7ba9be7b7ea6d2f37d_JaffaCakes118

Files

40f44816ab911d7ba9be7b7ea6d2f37d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE