45cd0b73bed98478831a4e8edc71c179_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45cd0b73bed98478831a4e8edc71c179_JaffaCakes118
Size

82KB
MD5

45cd0b73bed98478831a4e8edc71c179
SHA1

76738f664a2c764c198b16f3aa65f73694d8d06d
SHA256

a6b0ad721069243097956cb6b0e3bb93a50bf7aad8e2e9d218f15d0e8c8e9e2c
SHA512

159dd11eff36e95a8a0e74206bb336ef2e4f53a725bd95c1773b1f93e745918be4eb5eecfd72a4eabe8cab6b19b78c02cf72f158e7b812ea9003e13514325c4a
SSDEEP

1536:63+SUxp0AwGbx6t1n5d332oW9toRPF0h8k79Pl5E0HW6D5GZXWEIWtq:63ExpJz16fj/WcRPFidkK5y2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45cd0b73bed98478831a4e8edc71c179_JaffaCakes118

Files

45cd0b73bed98478831a4e8edc71c179_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE