49652ef6e4eeb664f3de93808fab0d08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49652ef6e4eeb664f3de93808fab0d08_JaffaCakes118
Size

67KB
MD5

49652ef6e4eeb664f3de93808fab0d08
SHA1

3eaf65cfe73cc2a470398685a2989c7b4fc31ea0
SHA256

d124376b709a618dd5241e02c802d848e7bead202b498d38e266c7dc97527d2e
SHA512

c90cbde23aff56bf37dbf401c9bf3fd35897a518618c0a1c8ff9d643a9f070d47f06878a9b09fdb579471abd7b6bd051a44f9c96b6e27f4c52a2a4348775a0a1
SSDEEP

1536:N7VfLW3HqTa6SB0k0uEakVcYViam+RJazWRBHBbpY:N7VfCHqRmd0daYbpEWlhp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49652ef6e4eeb664f3de93808fab0d08_JaffaCakes118

Files

49652ef6e4eeb664f3de93808fab0d08_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

packerBY
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE