4953fdd1f00783ea1721efe0b52e5223_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4953fdd1f00783ea1721efe0b52e5223_JaffaCakes118
Size

85KB
MD5

4953fdd1f00783ea1721efe0b52e5223
SHA1

0e7e712597bc1ff703747f8c6662c311f83e8bfe
SHA256

b6da8921ead20b748d3b017da41b87a73c988eaf630a33830346784866f1b71e
SHA512

2ee2fe1db361b06a4da248cc35d48e0a8e26082e3da882a631f9772393b8090d7136001e7416c273c0dbbaa9121f5608f4aeeaec7b344dc049476056dc2044c8
SSDEEP

1536:ymDR/PozF1RO77g2/PxN0j9+zMn52tjM1Qx6SZFkBT4Jirsg2/E:nDBWr4g2/Px68zMnkM1a6STmlsg2/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4953fdd1f00783ea1721efe0b52e5223_JaffaCakes118

Files

4953fdd1f00783ea1721efe0b52e5223_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE