48d0aa715682fb642e3df7ee8ef55158_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48d0aa715682fb642e3df7ee8ef55158_JaffaCakes118
Size

136KB
MD5

48d0aa715682fb642e3df7ee8ef55158
SHA1

ca10f5a74819a6eee19c62f5fd89ced631916fe5
SHA256

9511fa8b64368fe2f661ba14873793b2c516b67593a46c875935c9a7a3e2d52e
SHA512

d68f7948b84727d94b46262e26ac319e360607868922399a1af15d0105a4748e906a6d9be26eb81754844c4c417d871e9bdcd5d1407ed8559c69b5da0d9e57af
SSDEEP

1536:PJIzndhYki8LMk9IWr31QNyjE49P3PyrXWOzLSWGYag38UZU+i:PqTdhYki8gUQ0t9P3PyL7CWGTg3hZUP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48d0aa715682fb642e3df7ee8ef55158_JaffaCakes118

Files

48d0aa715682fb642e3df7ee8ef55158_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOFF
JumpHookON

Sections

gx40fj0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gx40fj1
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gx40fj2
Size: 988B - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE