72a394d6018e4f93c6bc80ad30de8e54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72a394d6018e4f93c6bc80ad30de8e54_JaffaCakes118
Size

83KB
MD5

72a394d6018e4f93c6bc80ad30de8e54
SHA1

7f6f02c0f1b43ca0f6ab8f29632e101f34fa4a7e
SHA256

9a2262490a26d2c1a13a7ff260df6de919b4b189edf10ade4200ccdfa79fb595
SHA512

ddd6a7ef55de6987e59a2226415894d043fd3c2a2a689c58c190160b6f0e26e6e0adc026038405fe60f3a9a3aa6a89cdd7bc4e565b9182f4442a941865b7bde9
SSDEEP

1536:w6dIuDgTYOpPa0NNVA2zJn1L1KOyHbosCgu3tFTDrYuVJ0HdMp/XaI0yGyq0:wlu80QPa0NrAeJnZoOIbB8bTDsuV6HdS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72a394d6018e4f93c6bc80ad30de8e54_JaffaCakes118

Files

72a394d6018e4f93c6bc80ad30de8e54_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE