6905786867e645c401638061a52a288d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6905786867e645c401638061a52a288d_JaffaCakes118
Size

43KB
MD5

6905786867e645c401638061a52a288d
SHA1

4c935361e7f929da1d7458eb8552dd03802ae662
SHA256

86baaa9e791f33a379580ba628cc3396d1d4529acc4192c06ae7cbd9b13ae333
SHA512

96413583853d7bb27508032387f962127a7424e6666dcb56dda8e2ca8fa383e49aee747af59ed2efba5996ff9120c4d76ca945683501b7cbb61910f0d154acc2
SSDEEP

768:UCSqWQ1geCiG8Lv2UmB3iO5OpBlA53d8fzlMI76d4M3n5x4o/2a5j:jSqWQGP8Lv2UiiGOpBlAej7G4M3fB2at

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6905786867e645c401638061a52a288d_JaffaCakes118

Files

6905786867e645c401638061a52a288d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsHookOp
MsHookif

Sections

CODE
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ