47deca1e8678629584ec9d278cbe3f5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47deca1e8678629584ec9d278cbe3f5c_JaffaCakes118
Size

88KB
MD5

47deca1e8678629584ec9d278cbe3f5c
SHA1

8a32dfc3f2a8815f7d94e779e67436d7dc92cc75
SHA256

9d806dde79f65773736474e0d0ad3d8bdf59c14ecd8ca0547746be2ced322297
SHA512

8a900529621b01e2876016847ad2f284ad3911d93ec69828d829ed85af1099c395b197ab9d4d5f770da46847e5c1beb8befa578d7144bacce5b441eb3a3c8b02
SSDEEP

1536:N7We4MOCknSRQ9xmAtNKzGyqBXsnmk/nGi1TuA0Kq5XA5lAGtyVfyIbFQiktNKz5:N7Wevkn59xmAzsRGi1H0+5ql6IZQLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47deca1e8678629584ec9d278cbe3f5c_JaffaCakes118

Files

47deca1e8678629584ec9d278cbe3f5c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE