a019555ce895e8f20f860869e1629abb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a019555ce895e8f20f860869e1629abb_JaffaCakes118
Size

86KB
MD5

a019555ce895e8f20f860869e1629abb
SHA1

0ecbc5f417c076da14f31a51aebadb094f749382
SHA256

68ff5f7faac1161b9bf4982703c5c4b171f4e4efe16a41d6eceb77788c6f4ce3
SHA512

bb9233544da9aa9323b5eef9e56447033bf4693d789fe2bf1aa094bb380bfb26a48a3b7a4cf574fe3b8408a8b9914e1ba036b2d3aa630b19b53ea2b84d204478
SSDEEP

1536:QzzTpaUQUAt09yMcagyWqo4EYPgleRitdz1fQ3VRAyLJuahUyKZz1jZ+lv:2TgUQteyMpgyFove0tR148yLEahLKclv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a019555ce895e8f20f860869e1629abb_JaffaCakes118

Files

a019555ce895e8f20f860869e1629abb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE