4d0103214414d41eab7886a6e9724da1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d0103214414d41eab7886a6e9724da1_JaffaCakes118
Size

86KB
MD5

4d0103214414d41eab7886a6e9724da1
SHA1

64109e1e1bfe501aff103a748e42c6976b76f80b
SHA256

e2a040f111665f8c2d9b509aa4000255b284ed4161eafbda85ba761c6b8727a6
SHA512

0d518f8a990ff7e1d176be4c51bd26b1cd82237c2bf1fe3525cdc008f29ca93a5c55ab7cf120e4d5c04573271e8961a5ea5e604bfbd7a3529a2dd16d85b984b5
SSDEEP

1536:mXwVosp3/FYCvLZpV1vVisA7OofSV/Rw1iYpVK4WPgqdRrjxNksZbbNyTfV:NVom9TZpV1Mtqo1iYpzV0BdNkOb4LV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d0103214414d41eab7886a6e9724da1_JaffaCakes118

Files

4d0103214414d41eab7886a6e9724da1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE