6243eeec61984befcfe7d93c3f56be14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6243eeec61984befcfe7d93c3f56be14_JaffaCakes118
Size

80KB
MD5

6243eeec61984befcfe7d93c3f56be14
SHA1

24b13bda10b44c9c0f159f51fc6b772c980e8526
SHA256

2ce40f624e5a01467aa5b642bd1a2a94609969474c217454ad7b6560c8885da7
SHA512

4d8182e2e9569345c2085890f0274af44a61cf845073736456328f5d1a56d4d222947958ebf347f59a69fd2e9adb5ba846a6d1a411eaf925830c9b31cbf603f2
SSDEEP

1536:B6CJXb2tQZJ0u1p+3dHTkN+i5GIC3bwZm2il/aCZeFldrSVJ3et96o0EXLW/WF:EMrB0u3+tHw2ICsIx5adDd2VJ3et9tbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6243eeec61984befcfe7d93c3f56be14_JaffaCakes118

Files

6243eeec61984befcfe7d93c3f56be14_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

p
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tqbh5
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a8m959yg
Size: 325B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE