4a18cb706bb633e40fadb2bafd0d96bf_JaffaCakes118 | Triage

Sharing

General

Target

4a18cb706bb633e40fadb2bafd0d96bf_JaffaCakes118
Size

47KB
MD5

4a18cb706bb633e40fadb2bafd0d96bf
SHA1

6b0a6178000b757bfc470efd6a81c5e5f52d7a5d
SHA256

9bb1a1df85e3c82dbf5e49095a0b4829092994cb33d75d71b1bf438eb98a10b9
SHA512

0eb136e0fcff584a4869f68950a27980ec294b9bc744461d3738527987661e68e4ecd1f56905a0b8e4dcf808d74240a4c2629cb86384377f4a1af6d00302df7c
SSDEEP

768:Dz2PSNUfnxLXFjGkydm+sEeWf1VtojdexsxStSeGMgUtIs9AVXZS9YAOx:n26EN1CkTEei1VtEwaMWMVt/gmYAOx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a18cb706bb633e40fadb2bafd0d96bf_JaffaCakes118

Files

4a18cb706bb633e40fadb2bafd0d96bf_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JOff
JOn

Sections

Size: - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE