c7dc961bfd22a39dff32d445609f12b5_JaffaCakes118 | Triage

Sharing

General

Target

c7dc961bfd22a39dff32d445609f12b5_JaffaCakes118
Size

77KB
MD5

c7dc961bfd22a39dff32d445609f12b5
SHA1

c3704271c97acaf4b9d53dff607af75fb54dab19
SHA256

f52290ca0dd98cc5a04f6e6cee816ccbf4f4a9b4fc354b9824aae0eaa078b285
SHA512

ebaab194b3b25c41597306c71d97e8051d7d57f17a0644d70b63742e4ea01672bc953c54af272634a6d27c6bbd9f4babc6b9bb096ca1abe94757ca515eb3257d
SSDEEP

1536:fn5tHZa6nRjdbZ/fMs6YVaJkKKsJHgAonodR0ERf29TH+ruF:f5tHZaUxbZDgOsJHgoQEoVeKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7dc961bfd22a39dff32d445609f12b5_JaffaCakes118

Files

c7dc961bfd22a39dff32d445609f12b5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

vtjeqk
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uorbyjd
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iq
Size: 191B - Virtual size: 767B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE