4b1a245228d7fd58a5bda23e2b24c000_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b1a245228d7fd58a5bda23e2b24c000_JaffaCakes118
Size

46KB
MD5

4b1a245228d7fd58a5bda23e2b24c000
SHA1

c629f4dbf7f8824fa0fdcb37ec47dd76a0e0d32b
SHA256

6e581908b63cd2f72152fd6cc20da3c83f55a4c63571900b8c25187626b5615f
SHA512

d72451c0f44e82027f384f95e0292b2231bc1d21ecc72f819eb5eea3945dfcfb2fe8e0763c397c0cdeb599de0bc708e475f6c47d76e5b80fd7fc6889981fc25e
SSDEEP

768:sc2OEAqIaXhC3opU1Pl5woqzvpMZ6GrMsOos2yMujsQt3WdVZ1zfDzAN2HVZk2Gx:v2ORwXhsoe1d5woqzvpMZNMsOos2ykiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b1a245228d7fd58a5bda23e2b24c000_JaffaCakes118

Files

4b1a245228d7fd58a5bda23e2b24c000_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JOff
JOn

Sections

.nsp0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE