b3d4dd4ebf805058c8dda4ee2422ba53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3d4dd4ebf805058c8dda4ee2422ba53_JaffaCakes118
Size

47KB
MD5

b3d4dd4ebf805058c8dda4ee2422ba53
SHA1

53a601cbcbd4f73e38fbbb96803ba1b8ec0ee2cc
SHA256

986c8ffca7bd288fd4b4ae4dd76e8819dc457b6646d6b4e78014dcad062aeeb5
SHA512

4540e8561d76cffed5ec57067df53c82d4d998f97b79b24dca403055a0470b83be5378a9d62a90bdadd2ea5a89cc9da2cb70d7e4c4983a721220bdf578def129
SSDEEP

768:RSVMqQCVaQkUwjWnogL/Zm+7ogiO5OpBlc2nTLmdG2D/3U0y7h6nOuxOHMQxhy:oVMqFVaQbnL/ZmJgiGOpBlc2T+3A7h6b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3d4dd4ebf805058c8dda4ee2422ba53_JaffaCakes118

Files

b3d4dd4ebf805058c8dda4ee2422ba53_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MgHookCs
MgHookOp

Sections

CODE
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ