73820011b774c2d72b5e9921b1da8c79_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73820011b774c2d72b5e9921b1da8c79_JaffaCakes118
Size

54KB
MD5

73820011b774c2d72b5e9921b1da8c79
SHA1

1330c30922c1ecf3aeebda532597f2588c646c64
SHA256

7882781f993c18d84108133792157bc3271f17a6482be1600ba1f0c63abb7b10
SHA512

fced3aff2070e3f29f15736122037db8d853a33fc1435392f0555449d2bd08d07a40fdd1bd56961e9bacb8f2246f7d5c28182fdaf1980941efbb16edfdf1cedc
SSDEEP

1536:j2tQhvUbsgqjM6LJw9aANeG3plO6IuMp5HXF8OkyLR:j0Qhv5g8MmeHNeG3nbwyVyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73820011b774c2d72b5e9921b1da8c79_JaffaCakes118

Files

73820011b774c2d72b5e9921b1da8c79_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

.nsp0
Size: - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE