724cb14b6567fe20ecd5e2e49e980e7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

724cb14b6567fe20ecd5e2e49e980e7f_JaffaCakes118
Size

138KB
MD5

724cb14b6567fe20ecd5e2e49e980e7f
SHA1

28f611432ca30870999bc347be172b47812ff164
SHA256

787fa7da569ba3455649df00d4dd9ff3057c4524c3e57089d3fc88bc0a45aca4
SHA512

bad0c983dadfe7c1477d73fa0f099011e51a4c946a771f7723ed735a5d187a0f71c4f69685e840f826ec218b93a4797ecd904cde744eef1954278ce41ac2e063
SSDEEP

3072:aCLtzeUV6iA6AUa3X3HUB7QVbF6uhmBbTKuh+IGyhTR:DRCUVLMX3HUt4mBbTKNIJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
724cb14b6567fe20ecd5e2e49e980e7f_JaffaCakes118

Files

724cb14b6567fe20ecd5e2e49e980e7f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

CODE
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ