a97a6ab70703ae28bff1a96bb51ad309_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a97a6ab70703ae28bff1a96bb51ad309_JaffaCakes118
Size

140KB
MD5

a97a6ab70703ae28bff1a96bb51ad309
SHA1

c3de4e9dfffa8af28f8ad440a4342b25b8934f19
SHA256

182910b88d454c8e503e43cfa6588a3b62522bc6878d21699d3b92388f2c9ddf
SHA512

28f14c391732cdeebde93e23cf2462399c3dce0bb0e15d68dc449a458fd2184d1a776aeabceb240cb1d135f83df7cfb4ed0f810ae1e6f2c26b639578f0eefe02
SSDEEP

1536:JZCT3OSeI7xRLZh5ZGuGWSct7+d1msnFMHdIy8cok6PboVyK3sxBb2Myq7Y:joT7xRLZ3ZGk+d1mSMq6n/Kqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a97a6ab70703ae28bff1a96bb51ad309_JaffaCakes118

Files

a97a6ab70703ae28bff1a96bb51ad309_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE