a86a3f90897fe635c3b59cb5102bec35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a86a3f90897fe635c3b59cb5102bec35_JaffaCakes118
Size

66KB
MD5

a86a3f90897fe635c3b59cb5102bec35
SHA1

eabc500f43f44522c597e6e97fbf451dc59ed585
SHA256

1d8e7801a24ca845fed59f5c3794f0f19a7059b0cdf2a2edd38c6813cf1349a6
SHA512

6a8782b5dbfce1a531130b4d90dade6398127b4cfb0971a8677ff5990466bca87e89122cabb9500620544b4a528a421ad9efbf1e01bb9534e2b3c1453f5035cd
SSDEEP

1536:p7d2oefadephOQotcpGW/Wh6MHOF7H5wLCLL7x3A8v0gs0:p7dGS8hEtkGu665RH5ZLL7xdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a86a3f90897fe635c3b59cb5102bec35_JaffaCakes118

Files

a86a3f90897fe635c3b59cb5102bec35_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn
WowHookOff
WowHookOn

Sections

.nsp0
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE