70f29bd878dff47188bbd1cf34c6adde_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70f29bd878dff47188bbd1cf34c6adde_JaffaCakes118
Size

140KB
MD5

70f29bd878dff47188bbd1cf34c6adde
SHA1

86f18a6f81511a315fd2276c196a5c3a8fc6915f
SHA256

fe5c0ab4b70e27fcb9d14afe8461367adaa0048660aaa6c73c96ddb3b2f9f6cc
SHA512

8c4bf9e8a9c6aec101b6b7383af868886877a65fcb7d085b601f87d90d888283fd6c8bf6a301860a138b01b0c8bafae0a84a573f731f51b63e285e0b0c0412df
SSDEEP

1536:kHgR0VjGPT9WZM/Eq1o8ii5J2j3tCIpLRPF0h8k79Pl5E0HW68GVRs/IbUQ:kHBVjknEq1DijJCI1RPFidkRGP5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70f29bd878dff47188bbd1cf34c6adde_JaffaCakes118

Files

70f29bd878dff47188bbd1cf34c6adde_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 430B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE