b82a4d06a20c6dea795af5ce28bf6410_JaffaCakes118 | Triage

Sharing

General

Target

b82a4d06a20c6dea795af5ce28bf6410_JaffaCakes118
Size

78KB
MD5

b82a4d06a20c6dea795af5ce28bf6410
SHA1

bc5efef1b72cd7bbe0c36decd1db02e8965f2020
SHA256

446675f6eae62952f0017480d5b0d8d0e8ae88221fb3468b513abf5c3e076ecf
SHA512

a1ed13d6b51019bae952d66e97fabf8e5dc2ff40fb3150da7f02a571ace0542e150016eb15f49ddedc8c58e402284f8c2006544761c06983caf4cdb990c5a930
SSDEEP

1536:LU0ElRtglAk2y5B3LrHIpy6R27RhvMu6+ASHiRiVPgBE7OkB:LU0ElUlzB7rT6RoRdMN+7HBPZ75B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b82a4d06a20c6dea795af5ce28bf6410_JaffaCakes118

Files

b82a4d06a20c6dea795af5ce28bf6410_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUNloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

packerBY
Size: - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE