ad40facb0fd6324ab4effd32097b7374_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad40facb0fd6324ab4effd32097b7374_JaffaCakes118
Size

86KB
MD5

ad40facb0fd6324ab4effd32097b7374
SHA1

1f1b802f06deb12aabacdcb64d5beedae7801539
SHA256

2e3b638ebd5d6f6175b3a6fba2744cea81116ce14df0eb5f88c077a9a860d438
SHA512

7875f25495bc44c70645d6e1f76252795ec250fb5f9bdae0958aff7fb1710602f96995eb8461b5b4ce6f50ea2f2914b277f16c98562f1fe44ba610feee9e50a3
SSDEEP

1536:m23YMmHTxUzyglIB/kQx6ej/JjEy0njCOhJkmEVLj018l4kv70Pu:xYMmCzpUMQ4G/Jjyn5EVsMv70W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad40facb0fd6324ab4effd32097b7374_JaffaCakes118

Files

ad40facb0fd6324ab4effd32097b7374_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE