62e0766efdc54961d41962a900896480_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62e0766efdc54961d41962a900896480_JaffaCakes118
Size

81KB
MD5

62e0766efdc54961d41962a900896480
SHA1

61f2d6a5db8b482fec958cd37fecc155bebc6a33
SHA256

dfef35879d9df7c21c3fcf23ad3a523b1a7c38004d6a6cf44a4de7e6b3038921
SHA512

737e3e138637fcc5fe077a64a6c21d9cb0e0a2ff0cd621d3519384aac62ec99b3a740e771551932237aadfaee1c57efb816b3418a864f7e75f46971bb51b2895
SSDEEP

1536:pS2vXOXKLyxa/0GkY5N4kY6Ge/2vIa2J8RTjz3MBvWFr4+J++NXFN02UPIyT5:wcf5N4kxI2J8RTjbM0FBNXF+2UPf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62e0766efdc54961d41962a900896480_JaffaCakes118

Files

62e0766efdc54961d41962a900896480_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JpHookOff
JpHookOn

Sections

fqji
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

o5ej28oq
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tvrf7
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE