bee5f89c474078431cc042d125ea6145_JaffaCakes118 | Triage

Sharing

General

Target

bee5f89c474078431cc042d125ea6145_JaffaCakes118
Size

86KB
MD5

bee5f89c474078431cc042d125ea6145
SHA1

d50344dc7b2ea735d3b30bce09b55f5c7996e144
SHA256

8e4b52bbcf27888c18f4770abc0b77cf9b77b9df9fe9cb3d8e7b81c893ed8b0d
SHA512

2827375b0d25f3155081f4b5f3682b3b8ec690c1a32c5f5f203121041514988a157d3e5a9457749a0f6dca15d6b60d82e4d5c3c0c75438ff4b79bbdb6ef7a846
SSDEEP

1536:2zVclJRVFrkF/bd4mu2IgB6ln0kZhIktQIxkHkbEeSCKSjzvqIH1SC5KCcyErHK+:2zVOTEFjd4m1IoKS5tHkW03qatoHOO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bee5f89c474078431cc042d125ea6145_JaffaCakes118

Files

bee5f89c474078431cc042d125ea6145_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE