68f3e253fcaffd8e757a5898141eaa88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68f3e253fcaffd8e757a5898141eaa88_JaffaCakes118
Size

167KB
MD5

68f3e253fcaffd8e757a5898141eaa88
SHA1

e95da18b2acd704a26cdb231746cf4a321e8e3fd
SHA256

4b311f447cc93679d9726f7c8e727ae2c9dd59a151ebb377f04492462bbc0a69
SHA512

fa3f861a87ccb28eabd2a7f03d69f9d39a82e0a8714bb52566d03ad0e7879bf90eb41f8f6b1b0330c4c3256e402add2f36d5b1789572e9d07dad2a427f646967
SSDEEP

1536:Rhm5fK8i086mNGhB0ZwWdavrDnCQr7ScSDfX3vvFmnYhi9hB:Rs9/mPSWWDCQnjQf3vvFrhi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68f3e253fcaffd8e757a5898141eaa88_JaffaCakes118

Files

68f3e253fcaffd8e757a5898141eaa88_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

lr
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9xs
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vu7
Size: 4KB - Virtual size: 913B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE