b858bf04b05142413096e3bda357d041_JaffaCakes118 | Triage

Sharing

General

Target

b858bf04b05142413096e3bda357d041_JaffaCakes118
Size

88KB
MD5

b858bf04b05142413096e3bda357d041
SHA1

0fc08c12ac396143cdab2a916dcbb067a0c3fd4b
SHA256

a24d55e3f6add22240f464a0bd34d9e4a58977ad39c37035e91c86c2f6514742
SHA512

03a3f3c6658cad65ab8f5be0c3a4a07e225b2f933059ae5966062d593ea75e5ce8ed64270066233ec4fb2ca783f84f1c816e12795782d67830b801ea7b066a91
SSDEEP

1536:g0tQ5d3CjAJKPxsnoRqlRT2lCblC1UTzpKPE7/UNQ+QfhfZsy1ivGOo7l0:bQHyjmKPEoRqDu1/c7/U9QhfOOF6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b858bf04b05142413096e3bda357d041_JaffaCakes118

Files

b858bf04b05142413096e3bda357d041_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE