a59d8e407075f3876bf979e625e69c49_JaffaCakes118 | Triage

Sharing

General

Target

a59d8e407075f3876bf979e625e69c49_JaffaCakes118
Size

19KB
MD5

a59d8e407075f3876bf979e625e69c49
SHA1

269b15b31867acf659f2ecd0d4ce901a7bb640a5
SHA256

6c22eff20920240fd3c806a16470b6f16c2eecca08b037d5dfb34a0b00337278
SHA512

eee7b14057c607ce3bd160984287c0593dbafc11267ebc6787a7aad1f293c3bb0647c76a83375f384e565c99440084539e28fe59b009492c5c76faa8eb8ecaa4
SSDEEP

384:quqJCYjyjT909R5DkXOPdyYNmXAW3IljMwGnDeJgC4x:GBjyF09R21TA+XNnDkg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a59d8e407075f3876bf979e625e69c49_JaffaCakes118

Files

a59d8e407075f3876bf979e625e69c49_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
LoadHookOff
LoadHookOn

Sections

.text
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE