b1037ec55d6b1f1521677c4dc58689c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1037ec55d6b1f1521677c4dc58689c6_JaffaCakes118
Size

83KB
MD5

b1037ec55d6b1f1521677c4dc58689c6
SHA1

805b90ceceff50d771ab1a60f799e9df79e9e108
SHA256

d470ab320e440cab4861f92a623fe3f14a30d225a76c4d58fbc1b70e163532c1
SHA512

92dca2bd7561954560bdf59c177ad05e4e4ebdf2df0241c525d69eb48166a8d6a3e18a5b08a3198247cc64e9ac2250f773dceb9978b888ce72eb3666344ddc63
SSDEEP

1536:t4pNoPXTvOcIpaant9EmO91hrzAamyhmHgKkns25gcnVSh3XE/:t4pWPXCc2lnW91hYkmHgjznU0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1037ec55d6b1f1521677c4dc58689c6_JaffaCakes118

Files

b1037ec55d6b1f1521677c4dc58689c6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE