8286a962b8262109841903bf2b594460_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8286a962b8262109841903bf2b594460_JaffaCakes118
Size

59KB
MD5

8286a962b8262109841903bf2b594460
SHA1

e589072a5ba859ca170e177ab7b34af6905582e3
SHA256

1f9bfe8586d1a907727a20689baf4ea344aae90f190d893c79dc20e7c40a1e4b
SHA512

6e3b51d078ef8b76893830958cf46c1fe8e4ffdee21ff44b9eceb52b307bdf33f55e8e569634fe65a2d1bb3e7f854f7b5cd6ca58bf018d7e6f7b348e05696014
SSDEEP

1536:dIyQK3dLgkJCD8uLJ4YvdzEe3twbfrs+qoHa:dInKfOiYLt0jz1H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8286a962b8262109841903bf2b594460_JaffaCakes118

Files

8286a962b8262109841903bf2b594460_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 58KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE