6437911cab5a8cae59d6c8c190849fbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6437911cab5a8cae59d6c8c190849fbd_JaffaCakes118
Size

129KB
MD5

6437911cab5a8cae59d6c8c190849fbd
SHA1

c6e6f044a1c97002f5d90e3746259feeb730c141
SHA256

439aa001dcc879b266019ad60825ae0ebea80d580e68a85e069324537bc3f732
SHA512

4e167e9b46e2e7ea4cca34cd72669c4684850569e2c1bd63f2c12872ae31543f37362e404365ab107d324f527301e05eb1afec9650fd4ab47dd2c2b97f20b417
SSDEEP

1536:hIy4TiKVnSrCc9SdoFU+95jzsIVq/xdah3:hIAmSrCc9SSFbsIw/xd83

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6437911cab5a8cae59d6c8c190849fbd_JaffaCakes118

Files

6437911cab5a8cae59d6c8c190849fbd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

*J�h0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*J�h1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE