a19aac4535a6806707b1a39a1c83182c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a19aac4535a6806707b1a39a1c83182c_JaffaCakes118
Size

85KB
MD5

a19aac4535a6806707b1a39a1c83182c
SHA1

82f24acc42dd7bf57da955c9c6ad114553da2f57
SHA256

79ee85053ef7d58daadea5c08148acafee38941dd9a8f525c9308494b0d31765
SHA512

361c34d4964d1eb05d0c3c5562f956ecd3c286d0f2504665a5465a89a27855fa250b5737b872e60e5a5e4faeb4e000bb0a16af38859140e55c619015ce901a66
SSDEEP

1536:GUm2Di+/rIhgwbL0AXeDWOhLjXI2JkBf5xNnTa+2Md02eNuuw/EwbLO:gciuIhgwbLJXxORjY2JUhxNnvbcyEwby

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a19aac4535a6806707b1a39a1c83182c_JaffaCakes118

Files

a19aac4535a6806707b1a39a1c83182c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

mkr
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nnei
Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

n9zqf
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE