b46adf08df3dfec42501fc44db3edade_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b46adf08df3dfec42501fc44db3edade_JaffaCakes118
Size

41KB
MD5

b46adf08df3dfec42501fc44db3edade
SHA1

2d696b4e05137d5c09c48cb765da4e5271fe3535
SHA256

6952a1cfceee58e85fd2823dad68382c03f57e07fc406595e82cb0d4a27e57e9
SHA512

edec1daa1a5e09018d3b5a5ed746f53b25744fa20796ec75e1ee9430ef0048bb6d8e1e456e9bfe06bf4e1b0c1d540780b32959bb040afb20758f44f8b702f65c
SSDEEP

768:OysqzQiQ2W8FIkZqP4wpM3RiO5OpBl/7Laj1L3NG+oyGt7ggxewTzDp2uy:5sqzQMlTcP43RiGOpBl/EdG+ot7gkHzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b46adf08df3dfec42501fc44db3edade_JaffaCakes118

Files

b46adf08df3dfec42501fc44db3edade_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn

Sections

CODE
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ