6515402d7f169c1b52055a8ad6264b79_JaffaCakes118 | Triage

Sharing

General

Target

6515402d7f169c1b52055a8ad6264b79_JaffaCakes118
Size

53KB
MD5

6515402d7f169c1b52055a8ad6264b79
SHA1

01081733257637d04b6b5d580c71ebb09749354a
SHA256

c317d49422c85491f69dbe6019f224e49abd4d9eb8f5eaea2c9c2e53e080c866
SHA512

93f79bde46c6eae529b6e970807cbe49873256328b6a23cbaa31b85fb185434e8b28fb3309e3009a945651eacb4a8751b61827f911200acbc38451f3ffd1b35c
SSDEEP

1536:XvxEYx47v6mKR2wRcAcL3yLE2XFwdEfzPXfhX5/FPP0kWq:/x/x4r6mKf+dD2X+6frPhPckW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6515402d7f169c1b52055a8ad6264b79_JaffaCakes118

Files

6515402d7f169c1b52055a8ad6264b79_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

myow0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

myow1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

myow2
Size: - Virtual size: 950B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE