b78fb6dcc894c7d881eeec14a4b5e0e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b78fb6dcc894c7d881eeec14a4b5e0e2_JaffaCakes118
Size

82KB
MD5

b78fb6dcc894c7d881eeec14a4b5e0e2
SHA1

319858093614d4a54288bf7d4ab3d85bd557af22
SHA256

962fa4e893be5bcaf17d12481cbe35b144e769e8ce6b7e497b7b97e736d00681
SHA512

ac964f71625fb1caf20fe452dcd8d3c62633382337e7c0f89b7acd6f226e98fc614de1e4eed709aec225d8cd8c45324a933ade86c58a6771ac38861d944e2d32
SSDEEP

1536:9Mwl3twcBU3H0hGqCCeNH8mT68QDpV/Ynq9sMGDCVbtLsXxT00ar:95twChEqCCeNR8pyq9Sob0jar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b78fb6dcc894c7d881eeec14a4b5e0e2_JaffaCakes118

Files

b78fb6dcc894c7d881eeec14a4b5e0e2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

8gcvxo
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

b
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

77wi2
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE