b675ae76c450a526e63cdc9a5e09cfbb_JaffaCakes118 | Triage

Sharing

General

Target

b675ae76c450a526e63cdc9a5e09cfbb_JaffaCakes118
Size

17KB
MD5

b675ae76c450a526e63cdc9a5e09cfbb
SHA1

bf4b51cd3279f3561cd780dff0a5ee5dcd258170
SHA256

00ecc8fb3816dc6ac5de87070a5da09fae062aaa0c669ab4f5b0f7824cfbd39f
SHA512

f6920b6dcb32f5958638414236d9eaf7d986e5f726b3f3ea2944bede7e999c9af7b8cdb48620a81f12a0d2e3a7fd2d7959e985e686d9d3800145c83f20bcd3ef
SSDEEP

384:76e1J5MpliA1Q9dECtZ9GeaaOJheQWwkJ:+ShA1smCtjGHbWF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b675ae76c450a526e63cdc9a5e09cfbb_JaffaCakes118

Files

b675ae76c450a526e63cdc9a5e09cfbb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
LoadHookOff
LoadHookOn

Sections

.text
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE