82b40f113b6a7fff853c2335487cfa00_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82b40f113b6a7fff853c2335487cfa00_JaffaCakes118
Size

69KB
MD5

82b40f113b6a7fff853c2335487cfa00
SHA1

adf1f67c68c14d7588d791415f3b91aeb6f3b173
SHA256

58d62dab8b73741c000a1348a6f7172dbd904d8fc581ab47a4b814fbbb22f66a
SHA512

adbae524b3bc7b4deee329e61ea5fc41c7567dd2dc1b2384eaea5c981bed75016e203d046ac266ea3094391c24d2a56add444f28da039a58cb1de8d5226e1b98
SSDEEP

1536:FtT97KuOhSwUgnmgi0X0A5DFgYYaBDSvQ5+9J6wSjYlN6+:fT97BOhNU75E0AEa2Q4mwSF+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82b40f113b6a7fff853c2335487cfa00_JaffaCakes118

Files

82b40f113b6a7fff853c2335487cfa00_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

packerBY
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE