c7c00843a69aa1a5ee894b2d326184e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7c00843a69aa1a5ee894b2d326184e5_JaffaCakes118
Size

86KB
MD5

c7c00843a69aa1a5ee894b2d326184e5
SHA1

de4ae09c6d6d6481e7b651f6cf82332c54142be4
SHA256

30db13063cd7e66ecc7bf4eaafe7b7ca99f02420798c6d2494b9da3404b36b6b
SHA512

df5649356ed6cff606172151a53fc765a70d1b43b4f544345061f7477e1b654a2ef02f4cbc73a7d547427332c147dc8eccae94d28fd4fc858c57bca2ea2fa70b
SSDEEP

1536:m/9Z0w2/09iOHh2+nhfOJDisz4rbaZo5lXoUn/Bn8xg5iWqUAhyqbZ0lZ5ESKCbO:m/bvIyiKOJ+szUbt//B8xd94uelZB5O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7c00843a69aa1a5ee894b2d326184e5_JaffaCakes118

Files

c7c00843a69aa1a5ee894b2d326184e5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE