9488f57cd3314102de06d8ce818d40c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9488f57cd3314102de06d8ce818d40c1_JaffaCakes118
Size

140KB
MD5

9488f57cd3314102de06d8ce818d40c1
SHA1

baf06425454b0d80e2edc1ab9935a2f11aefd6f3
SHA256

45b181af062f007c20f0e24bb7e567a391075efa09d66329e2770747f8c16794
SHA512

87cbac6123b69df24635cf4bfbdc15d2a62572be463da7756306b31c1c608d14e32308ca949652e042b097b18216e3249c16d9d6e6fd2666f437bf48d041bb1d
SSDEEP

1536:N4nOxVv8zzfFnhyiNwyAJLxMoHglrVMjwH9WTI5mk2jmg43Qy/ayehk1HWMoH:NgOx6zLTjuyOLxdgLM85mZjog+vWd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9488f57cd3314102de06d8ce818d40c1_JaffaCakes118

Files

9488f57cd3314102de06d8ce818d40c1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

84dy
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

m9eqd7ij
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jb
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE