4104d99903e34ebd6afca5c4205471bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4104d99903e34ebd6afca5c4205471bc_JaffaCakes118
Size

91KB
MD5

4104d99903e34ebd6afca5c4205471bc
SHA1

d2f867f249e626c42a2764fafd583899b7a32121
SHA256

cc52ca8f8d141cdc0e6126ae54cee70e36b29d540bf98a3bd191263517e4a7a1
SHA512

dcb6b989de3394be6d26b8ae08730fbc266d2513a4d2e89635d248f535e51e74398d1410d1835c1470c1ae62a7da8129ebbacdf7aee1656f35c06317f29e311c
SSDEEP

1536:0g7HMhsNMBg1jlyzegX3cpgo0WxRRLylol7LVpgKCzheh9f4211W51EL8cpgo04:L7HIWYg9lyzzcpgo0kfy+xLV6KCza9go

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4104d99903e34ebd6afca5c4205471bc_JaffaCakes118

Files

4104d99903e34ebd6afca5c4205471bc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

jkz
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hqvw
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zt
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE