bffdc4f3b3dc28f43dc5f5329de485aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bffdc4f3b3dc28f43dc5f5329de485aa_JaffaCakes118
Size

140KB
MD5

bffdc4f3b3dc28f43dc5f5329de485aa
SHA1

4a18a2c25e919dfdc100a42bb7b72b1fa4c79802
SHA256

219944610b5c88ecd06741c78f7fee8ab0505da2d1a2861060ed45b96c56ab5e
SHA512

9603a2be19d2ebe567e4315e87de2c70875ffc421614ae2c7c10e8e074bd3f996d59607d9e6dacc6b2ccc9752f704514eac6eddc2886bdaa2b032a1bd5099ade
SSDEEP

1536:Ye9zV5Cq7WbMCcQHvo632b0F7TLDJnA3nmCV4H+kUnCwHGpVd:ZOq7WhcK2y7TLDtA3nma4HnqGpV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bffdc4f3b3dc28f43dc5f5329de485aa_JaffaCakes118

Files

bffdc4f3b3dc28f43dc5f5329de485aa_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

h
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

x
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tvoww7
Size: 679B - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE