bed5c1c5ddf4f61a05f3a21ec5dc23e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bed5c1c5ddf4f61a05f3a21ec5dc23e6_JaffaCakes118
Size

89KB
MD5

bed5c1c5ddf4f61a05f3a21ec5dc23e6
SHA1

342af2e44fb9f6bab63c8cd7768e48528fe5da8b
SHA256

0390410b491d834fce1fe2eedc0de5bb82f64b1fb8d4c8844bf1ccd342976fd6
SHA512

87e59e6bf692eac243794895441eccef2a6fbacec1d8f8b5f094ba1e3263009ebd93fbe504273354509faf08b499301edaaceb3fda37bd600f0948ef8de5c949
SSDEEP

1536:KVAuKUqTAnOZ0v9gTwzXMZot8AwWx9Pwna2Q6qH7gUq12WixMwVDgUSg8EjR2Ieu:KuuKyOZKSTwzc+8AF9Ina2RqH051NKVH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bed5c1c5ddf4f61a05f3a21ec5dc23e6_JaffaCakes118

Files

bed5c1c5ddf4f61a05f3a21ec5dc23e6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE