489cb09302c3fddbf26c1e6e293adf86_JaffaCakes118 | Triage

Sharing

General

Target

489cb09302c3fddbf26c1e6e293adf86_JaffaCakes118
Size

86KB
MD5

489cb09302c3fddbf26c1e6e293adf86
SHA1

b818a9e5ad3baf24f9716611495030d156001d91
SHA256

404438cb68decd6310a878c62bb22d9930458a9840921d1b7af0c966c6411a6e
SHA512

c5e3a491baf03ec6074f4f9a42ec7c8a329626d0183d8b72b537a718a93ecde6a8367b4393e7ce2591d77acd3370ffa8b7f7f7e5e982b708ac5e833b438dbace
SSDEEP

1536:2uf+30IAzm/91jJ+0oscMuSipQMKXPIQ+/E0iZXCupk3p82oL38s:Wmssy9Tia/+/fiZ3k3p81

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
489cb09302c3fddbf26c1e6e293adf86_JaffaCakes118

Files

489cb09302c3fddbf26c1e6e293adf86_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE