b6734082cbb2f658a30359ae5d3c30b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6734082cbb2f658a30359ae5d3c30b3_JaffaCakes118
Size

88KB
MD5

b6734082cbb2f658a30359ae5d3c30b3
SHA1

3b3df1ca5b670ac35b1d218ccd3f58c3011e91b9
SHA256

ec0f45f9f4852c876c60fc935fae91d72d68b90479520124a65a8f51f34fb4ee
SHA512

501e18e72964971f68931272c163bb19eda298626c641b8206ef94adbafb8d89b4d105a55fd45ff1a8c63a50ff7384dcd88e01b27a3b1bde8ab5cf69fea7c8cb
SSDEEP

1536:OCro3l66Elgt1WxQcdtUZGlU/xbspG/nuHhLjfHUsxcFuzmtu3i5IlUe:OiynSG1cQNGlU/+xBLj/tz02flUe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6734082cbb2f658a30359ae5d3c30b3_JaffaCakes118

Files

b6734082cbb2f658a30359ae5d3c30b3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE