4ca24bd5e3978bb6342b342a8ac66d96_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ca24bd5e3978bb6342b342a8ac66d96_JaffaCakes118
Size

89KB
MD5

4ca24bd5e3978bb6342b342a8ac66d96
SHA1

f81d0d51ab17de3e6dc49fdc5c03216e0c85444d
SHA256

0bfe9ac91438f758851d521a172750f75157d3937e1153bd1f465801c53d96e6
SHA512

1fde006ed594f5dabcd6dc0a5b5424142dc421f74047608f17ae7ba95a55ed34e68b3b93abcda4bebfc53243c7580129b5f9a19ff72903e6fa08d7664c812bfb
SSDEEP

1536:TFzFThPjMvrABsMgYws9HYGvS0btjoLDQHaLaifbVRpMiXjTQmg0/O6Oo0NtxH9s:TbhPkEBsMgg1YGvbNEDQH49VRpMiTc/W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ca24bd5e3978bb6342b342a8ac66d96_JaffaCakes118

Files

4ca24bd5e3978bb6342b342a8ac66d96_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

llclxno
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

l25
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tbvozi5
Size: 4KB - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE