757cd215a06d5d384ea4699eca96177a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

757cd215a06d5d384ea4699eca96177a_JaffaCakes118
Size

70KB
MD5

757cd215a06d5d384ea4699eca96177a
SHA1

f6b43b1b52d45bd70087666848c4721a1cf58269
SHA256

5c55fbac9d52972147bd7357efee9d09bf8fcfabf46c7f687c6263a943864a76
SHA512

8a885c98763f75627fe3a72cc9da07402d8e0675e064f8acc89893d9db3a74e4a7815a9d5edee564c9c3aec89a0f86dfd72bc5159464e6d4831d0346ecd5d2f2
SSDEEP

1536:Sj0ZKsvpNUtdh8pe2H56CkwWtQ1nKJ4Sq9+WvqeTD:Sj3apNydh8sC5gJ4zUwqeTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
757cd215a06d5d384ea4699eca96177a_JaffaCakes118

Files

757cd215a06d5d384ea4699eca96177a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

packerBY
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE