48791b2196dd7784e8b5b59da128689a_JaffaCakes118 | Triage

Sharing

General

Target

48791b2196dd7784e8b5b59da128689a_JaffaCakes118
Size

158KB
MD5

48791b2196dd7784e8b5b59da128689a
SHA1

0dacb99be7fea24dbeeb03fe6715f82fd38eec74
SHA256

94699176482565587dc4ae98c347a7ea0a886987ca978932a296b235a23c0f9a
SHA512

5ad8809c27fd5e25e538fd71e96682ba6280a4d8ba28dffc4f4a182bb4a27a6a7c50d3c21ef2cf8ab766b6b4401fd9d9e8d3f1ed4fa1f0e3917d37eda34c4973
SSDEEP

3072:wQ0ukp3TyE2M0Tu9HDH0617/J3DN6OoN5QwCGTu9:BIpjRToGL0617T6H599G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48791b2196dd7784e8b5b59da128689a_JaffaCakes118

Files

48791b2196dd7784e8b5b59da128689a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE