417d3505804df387cc42a0b1a180c05f_JaffaCakes118 | Triage

Sharing

General

Target

417d3505804df387cc42a0b1a180c05f_JaffaCakes118
Size

147KB
MD5

417d3505804df387cc42a0b1a180c05f
SHA1

cf3ce710deedc82763cfe098b04663c3dcaddf5d
SHA256

cc796a70ec08b2304b7b6b662946b6012395aefe5f01312bb5ee9bea4f1876eb
SHA512

169a0ec2e0825e62f5665d981b1d406e4e7d4a209cdfbd46b9f82550bc7ddd1f9c1cc4c5fe06fe1c16e86947d69ef5b35f77eaf5d3abffe04b3450c82cb57368
SSDEEP

1536:rqcXjzkm81mYHUhgXJX7wwxMyulEdMrKN5SWnM78kTdSz2PX79JUj81HN:bXj0QgJ7xMySEd3cJ8kT0a/5pH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417d3505804df387cc42a0b1a180c05f_JaffaCakes118

Files

417d3505804df387cc42a0b1a180c05f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JSOff
JSOn

Sections

Size: 3KB - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE