bd0a5f5622c125303ab42920b6a8f7fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd0a5f5622c125303ab42920b6a8f7fa_JaffaCakes118
Size

158KB
MD5

bd0a5f5622c125303ab42920b6a8f7fa
SHA1

f528d2a2a2765c567ed371aec2fc69e76a618550
SHA256

c740532c79198ad96e3992efbd703b6fb76ccca0832802e7c567f9404c6e6cef
SHA512

d094c538706e5b18f06f732e059c6a1340c7c2f022a8a064875ea89ad9f219cca2573947a53301f0c719ebf28b79897e600b6718a3c565464c6cd84bf9845a57
SSDEEP

1536:62j5oMa2Bo8F0CamuE3usz4rbaZo5lXoUn/Bn8xg5iWqULULI7/VE6mu:62E2KE0Hl7szUbt//B8xd9OKS/Vnl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd0a5f5622c125303ab42920b6a8f7fa_JaffaCakes118

Files

bd0a5f5622c125303ab42920b6a8f7fa_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

ea
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dljf95bk
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

y2q9dzzc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE