b12fe95505df3fef8b8431604431940a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b12fe95505df3fef8b8431604431940a_JaffaCakes118
Size

88KB
MD5

b12fe95505df3fef8b8431604431940a
SHA1

3f949ecf219720f402c6f947577cc5860e182339
SHA256

58100bf8e67ff5321b7108fc460851d1e229482cb0a391d1dc4885b5b4a7b959
SHA512

58ba6e2519ee30deb0f615ae922f2404907e104d115ffe50547200d86f536688020a93d715159970787d6ea0948eb0022e531db2f758b60576bcea1b50d2ffaf
SSDEEP

1536:PWvURWIKP+9Jl4ujkE8Hc1Ytysz4rbaZo5lXoUn/Bn8xg5iWqUh/LQp/21Ytk:PWvUWWdjd1szUbt//B8xd96EpOB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b12fe95505df3fef8b8431604431940a_JaffaCakes118

Files

b12fe95505df3fef8b8431604431940a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE