c97a6d14c9ee54f82ec195fc983335b9_JaffaCakes118 | Triage

Sharing

General

Target

c97a6d14c9ee54f82ec195fc983335b9_JaffaCakes118
Size

167KB
MD5

c97a6d14c9ee54f82ec195fc983335b9
SHA1

75a6c8733804e66b08c72d897703be4c984a3da5
SHA256

af3412bb4e2026780a34c4d4235acb983c86ad470cbc9ecae4dedb95613941a1
SHA512

267f12c1562007c65d780a2630c2563c421f2f456171536904f2aa65d6988f8fc59dee059844fc9591051dc128785b00611882b75d8182850ffe088441f6ecde
SSDEEP

3072:fqA7ZqrSBCUsDL7A4qEN+RAJ2LInuCUs:fqAt6pD/A2NcY2E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c97a6d14c9ee54f82ec195fc983335b9_JaffaCakes118

Files

c97a6d14c9ee54f82ec195fc983335b9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE