4a7beb42cac85aa3b1c74ceb680daf42_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a7beb42cac85aa3b1c74ceb680daf42_JaffaCakes118
Size

85KB
MD5

4a7beb42cac85aa3b1c74ceb680daf42
SHA1

4ac5703a95d34244df9eae6b34c7cbcfcf01b90d
SHA256

cb980ab218d760d9650ba0f0691c5c68ed7ce82380416acaf9341c719c1e4ae1
SHA512

e51f58558da1f6bfd4630fd7478f8b31971eeb0d9b264d5254cd81a81465f0a637b8ea7baa3d6f75fcd734f3901ddd099554a695df5daf5b1a9f100850142fbc
SSDEEP

1536:606TXHlg5yeVC5jXy9E5KMrssz4rbaZo5lXoUn/Bn8xg5iWqU5IT3bpfLZ4g5jD:6TTXFg5y952a5TrsszUbt//B8xd9AITr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a7beb42cac85aa3b1c74ceb680daf42_JaffaCakes118

Files

4a7beb42cac85aa3b1c74ceb680daf42_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE