5ad00ea2890bea6aa61742440f42c1fc_JaffaCakes118 | Triage

Sharing

General

Target

5ad00ea2890bea6aa61742440f42c1fc_JaffaCakes118
Size

89KB
MD5

5ad00ea2890bea6aa61742440f42c1fc
SHA1

bb9a2e867d2d30c561bb5e61ed1a86c8d96b6430
SHA256

59d346e200feab8510d85a881aa6f8f95531e3bbea9df563fd09b684a1ba51ac
SHA512

4a190aaca8ac4b3a28bce9902ec7f6be3176bde1c2c57cfd12a1cc7cb97f14d317b99103b4a410815864d33985f32fb5bbfe9113a4bbfba8ef0e2fa0f6827924
SSDEEP

1536:/dsuu4vfEyZQgo2EWkVLnoHvpXYIvO1Fe7L1R3jxg6kGQ6qHamK6dlQgr:VsudM2vk1nEc10NR3jxgeQBamP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ad00ea2890bea6aa61742440f42c1fc_JaffaCakes118

Files

5ad00ea2890bea6aa61742440f42c1fc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

5njhfv8s
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9yn
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nu
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE