ba5fe4e8f82c7c78aca8476788c134eb_JaffaCakes118 | Triage

Sharing

General

Target

ba5fe4e8f82c7c78aca8476788c134eb_JaffaCakes118
Size

82KB
MD5

ba5fe4e8f82c7c78aca8476788c134eb
SHA1

3e9ee7b68d48adb4d63bef265e9290f1f0a2a0e8
SHA256

0c2f96b05824e46933df88602f6d62797e2541a2ba53a1a379827922e299a297
SHA512

d74a8935036c7a82deda15dd55c902789d73bc06397e072b0e2a74feb0378bca71569fd5004af044e0dac777ecc3ba5727927aed329e640b6d0ea54f05f5078e
SSDEEP

1536:NGy7aHPsUyPNYk3bGf2kExPctlUB5JPxHlQBGeYg7DNsah8l+Qj39JEF3W:NH6UUKpO2kttlWPYYqDGaCl+wtWFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba5fe4e8f82c7c78aca8476788c134eb_JaffaCakes118

Files

ba5fe4e8f82c7c78aca8476788c134eb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE