484ce7b8a366339720d55355e448a8c0_JaffaCakes118 | Triage

Sharing

General

Target

484ce7b8a366339720d55355e448a8c0_JaffaCakes118
Size

167KB
MD5

484ce7b8a366339720d55355e448a8c0
SHA1

0d73d9974164943ae7d527c17e51de5625c716ee
SHA256

eed3214d6fb0ad54e2cbd470ce5c46ac0ccd71583dbce16f44f695ea0ccb11d0
SHA512

d1d68d8bd222352df0ce9cde80c310739f5e0defa2c4396638be0037a57ef1f8f053ea17becd0872305d208e66d6cf6fd5a9b9909df12e2101d106b069286433
SSDEEP

1536:bYyvlfWYv9pJcLee2jxzEL6d5HBNfeioFBUpINWAg30Sv0M8p5T8YoZ4:9lfWKruLee+vxBg1hNNy0SMN8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
484ce7b8a366339720d55355e448a8c0_JaffaCakes118

Files

484ce7b8a366339720d55355e448a8c0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

82
Size: 3KB - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ptb
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fmsag
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE