aa59709fa2c2b4d7d36e78b1d44355e2_JaffaCakes118 | Triage

Sharing

General

Target

aa59709fa2c2b4d7d36e78b1d44355e2_JaffaCakes118
Size

87KB
MD5

aa59709fa2c2b4d7d36e78b1d44355e2
SHA1

7e925ef83a67150f9335df0fb77eea97be7cb58d
SHA256

817b70caafe0376891c25a4d0da0a56be98407713d771f99b49aa1d31e51dd9c
SHA512

67baf9c1bc40a9099a4530e1aded2dd0b680b495abe1b20d2fdde436fb85eb91be7f78ccc399880aa20637e7dd36c252c01c6932dc66e70b42db5c996cc78c2c
SSDEEP

1536:gAoJ05dbKXYh/pyNm6ra+Qafh67nSv3R2cIfzWqC:wJ05dbKS/pv6TQshzIf0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa59709fa2c2b4d7d36e78b1d44355e2_JaffaCakes118

Files

aa59709fa2c2b4d7d36e78b1d44355e2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE