83b7b5cf57927ce54b3525b03b1e768a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83b7b5cf57927ce54b3525b03b1e768a_JaffaCakes118
Size

90KB
MD5

83b7b5cf57927ce54b3525b03b1e768a
SHA1

292327b2d3b8b792c72cfac74c5d6cdbd03aadd6
SHA256

4d8a02224cd57d333b8293cb31ab3fa97e5736abd6b59fcbf35c695763ca2e9e
SHA512

2b6a6aa200912262f525b5b1b8bd37de5170ef406547243483d735150aef727b53171594589d51d9d948f5d0546b930ceefb33b8e205d7fead320c8f3cfc1e34
SSDEEP

1536:FmIGjWej/9dXqDE8YYVTOECMAD4S835W+7ivTKKn04bgML/RVTHaFYNkelPdQTaH:sqej1dXqAiVTOErSSW+7ivTP04g4DaO5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83b7b5cf57927ce54b3525b03b1e768a_JaffaCakes118

Files

83b7b5cf57927ce54b3525b03b1e768a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

s78n
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

v2ttjsk
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ou
Size: 4KB - Virtual size: 393B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE