a5dbc43482b3ebc77f0406d8d3e3c9fc_JaffaCakes118 | Triage

Sharing

General

Target

a5dbc43482b3ebc77f0406d8d3e3c9fc_JaffaCakes118
Size

86KB
MD5

a5dbc43482b3ebc77f0406d8d3e3c9fc
SHA1

919985848f8af7c6edcaaaf55f93bfe10ba746b4
SHA256

4094d1dfddba4aa3377a220f3f8751659a61ba0595ec98a9619e9e226c9f97a9
SHA512

9a46c7fbafc856ee8577d0d435d88c179f2df73c32b0d486d620af9d5e4699d7e8c856cb5dd37234abf2be247d6a22b97eca744f449c7290f5847cfa0d1fdb05
SSDEEP

1536:KAurQ8E0MrtszKxegdwAvcNBEwyParJcd71Swr1DT98VHCWLAdl+FaL/s7qiqDtt:Kv/pxRMcRyParKJ1Jr1f9a7LAdl+FHot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5dbc43482b3ebc77f0406d8d3e3c9fc_JaffaCakes118

Files

a5dbc43482b3ebc77f0406d8d3e3c9fc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE