66f08320f2f460078f557355dd8b2f5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66f08320f2f460078f557355dd8b2f5c_JaffaCakes118
Size

83KB
MD5

66f08320f2f460078f557355dd8b2f5c
SHA1

348e953fb969e1b693bbb50e024f0d1f9d237da2
SHA256

370745df2ba55ec44e19ea949f0481a23a58d0c110f454f366af9f4109689720
SHA512

102da31ef3ad6cb5b236a523333faa228cb58f0dadd9b7794bdf5a279aa13517345738896c4cf5bc1179650b40cdb62579aecaa44368b36390b8829f1cc08331
SSDEEP

1536:L+7ARnmFT6isNexbW6bnpPjHqjZElICoAsZaKDx9oVx9p2QkrHX5JfPNiT:nR6FsqvpPjOCWDYIQmPNiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66f08320f2f460078f557355dd8b2f5c_JaffaCakes118

Files

66f08320f2f460078f557355dd8b2f5c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE