5fe2b38e0e12da97914be26202c4abf0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fe2b38e0e12da97914be26202c4abf0_JaffaCakes118
Size

30KB
MD5

5fe2b38e0e12da97914be26202c4abf0
SHA1

f2b32e05dccee0778c83a2d7134872d1de7be12c
SHA256

924b4ebe639f8cc67b965b8eac23fd7cdbff1f780dd34fcd0effdb16e3cea0a9
SHA512

3c0c88b879cd027aa319e29627c4d615797de5ab7dbeae10a012510af6d0831f992e428fc410ab2734bd392de3cdd6e41d65e703c6fdf789866f5e625933f88e
SSDEEP

384:BByuzek/ySFy8JXbV5IEj0M/mR0HIPuzo8B/Py0k6XAe0LgCgUJAzdDAc/JFSVY:NM8JXbV5N0/R0HII1dbkgVdDhnR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe2b38e0e12da97914be26202c4abf0_JaffaCakes118

Files

5fe2b38e0e12da97914be26202c4abf0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MgHookOk
MgHookOn

Sections

CODE
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ