5fa1dea5ac6b0c4071629f7efdf5748a_JaffaCakes118 | Triage

Sharing

General

Target

5fa1dea5ac6b0c4071629f7efdf5748a_JaffaCakes118
Size

88KB
MD5

5fa1dea5ac6b0c4071629f7efdf5748a
SHA1

225787e5821301fb3f33f83af0e64e8362d164ce
SHA256

90e0ab369a18598fec297d5c89e55165d2cec48d1aa16facd8beb3c62ac7006b
SHA512

f36e4925fa63e2813b859ec549c543c321f2ec50ae7a155217ba2cf037e74b9abc5dbb6a561672a1a24dad332f0a3364ce117c03e6039552ba3eb1e412c40377
SSDEEP

1536:y9+8yxz2xm8Do9oJe9/QTxJHWy9zLSM9bTmtZ+zgdvfomF8dBVT/IxJVcsxJS:ygxz6To9Ue9oTr1ZLSMJTmtXVQtdBl/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fa1dea5ac6b0c4071629f7efdf5748a_JaffaCakes118

Files

5fa1dea5ac6b0c4071629f7efdf5748a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE