d0aaf1c0733b219913f02740563c079b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0aaf1c0733b219913f02740563c079b_JaffaCakes118
Size

81KB
MD5

d0aaf1c0733b219913f02740563c079b
SHA1

2906fed4707996fcc2934ff84adb9e94f3dd506b
SHA256

a5feb636cc3b4c7daf0019b33e16b5ad1fdace3547357f1c9fde0d79777f97a0
SHA512

903476c0f515c334caebac5baa3c18be4ccd219e59d2d5a5492c31fe58debb1d9c9895753f25bf7b3d23fc5cb93012560e791822d683a3e02b6076ae1ab5f3ab
SSDEEP

1536:EV9ZXfPU1Wsp2WfTw5TLRPF0h8k79Pl5E0HW6onkmJ:yLXfDeqLRPFidkVks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0aaf1c0733b219913f02740563c079b_JaffaCakes118

Files

d0aaf1c0733b219913f02740563c079b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE