cf32aa0af2541a544cc550aae8dc05c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf32aa0af2541a544cc550aae8dc05c8_JaffaCakes118
Size

147KB
MD5

cf32aa0af2541a544cc550aae8dc05c8
SHA1

32a2f4cf8f255fd7144ae4f9c10c7a16799eb031
SHA256

0588e5bbb98f0b464828fb70e19818d1e0319fd8b58bfc919e93a70dfe5be954
SHA512

246dff3ba2229c6dbe680a28ce3305c51260c34fe6c15fd9ff6ea1ed27446d9423fa8827ef7ca374071fb91960a11fbd8cfa064b179db124a4de420000575897
SSDEEP

1536:yzyKk/gy4+5bqd4o+9yQkPtLlDGGt9VPeEJsYyY7DKVKnERyXR9KJkP:qyAE8pQkBl7t9VkYyOWAayyJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf32aa0af2541a544cc550aae8dc05c8_JaffaCakes118

Files

cf32aa0af2541a544cc550aae8dc05c8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JSOff
JSOn

Sections

z2bmgxw
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

o
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gg95
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE