719a856215bcc72f134e48830bbe5fc4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

719a856215bcc72f134e48830bbe5fc4_JaffaCakes118
Size

81KB
MD5

719a856215bcc72f134e48830bbe5fc4
SHA1

6b0134e441212015db24273dd318a60b0a6ac951
SHA256

0efa889bdca7b3aa90d87d5ac11ede6b51e3d70cf7e44d99607237e02e230c77
SHA512

3a75115335351a5b6b3ef6e653581fd8c96888f0dda42a330bf3a2b81618663e35a73ffc48daea590a53bf62b5f30f3e04875359751ca8c246fad5f88bf11a49
SSDEEP

1536:t7t9PesOZTaGiEM5SkbRPF0h8k79Pl5E0HW6pOYST6V5Fq3o5pGVSi5N:debBkRPFidkFT4G3oOS4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
719a856215bcc72f134e48830bbe5fc4_JaffaCakes118

Files

719a856215bcc72f134e48830bbe5fc4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE