b35e849cd9a04b0eb01eeff05a2db836_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b35e849cd9a04b0eb01eeff05a2db836_JaffaCakes118
Size

79KB
MD5

b35e849cd9a04b0eb01eeff05a2db836
SHA1

b3e89e5d46d9ff57bc5dc0ebeed6386aedef0534
SHA256

1b277a13a7fc5fa8922b3c1af6aecd465614574cc6a51a5dc192e76ff175d35f
SHA512

74e07ae6138db75da2497cdb6574a9266458494a53eacf48b3a778ad8cd345e382a3c3912f9fc13e4fa90aead7da9940bd20f4c73cb0d09efd418933674b503b
SSDEEP

1536:nBqCKNlMotustoHV/DLm9jkCOH2pRPF0h8k79Pl5E0HW6Eks04c3qWMBw:nwN7ku9kjH2pRPFidkE4c3Mw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b35e849cd9a04b0eb01eeff05a2db836_JaffaCakes118

Files

b35e849cd9a04b0eb01eeff05a2db836_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

9
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a9c
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fzfym7v
Size: 973B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE