5dbb5c51d8d96a961f3e71bc526494be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5dbb5c51d8d96a961f3e71bc526494be_JaffaCakes118
Size

83KB
MD5

5dbb5c51d8d96a961f3e71bc526494be
SHA1

83cd73d4b05f02148fad5dd687e530da298e70eb
SHA256

bf2ff1117ee67679238ca6aa3760b780a84703ea5634227306b16fe3521dd53f
SHA512

8852655b474368cff557640e7f9f3dea856a7268236f99e3e7d2d5dca85c6579fe47faa237cc4a1af7f54584d614edaf3aac3f4972b0097f514267d34cf4196d
SSDEEP

1536:C4Cs6U5WX4ian4sNDyngtpgHYQIoTU7NhA4LHIfg3QqnWNFBDUUxPZIe:JB6DatJygU4QIoTUZhAmEMQHFBDUUxT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dbb5c51d8d96a961f3e71bc526494be_JaffaCakes118

Files

5dbb5c51d8d96a961f3e71bc526494be_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE