cf8db837b0e4dbab9fa97af25b9e99a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf8db837b0e4dbab9fa97af25b9e99a2_JaffaCakes118
Size

60KB
MD5

cf8db837b0e4dbab9fa97af25b9e99a2
SHA1

ceeb2bb54ed30a86dc9c45042c4fde3f8ae87196
SHA256

d0880cb8ec1d22f6410ba86583dec30eac267be05177f4e7c4539b93c3008dc6
SHA512

4b549b6533be367e6bd2ef9f7e13fb88e8942205306018ab9af375249c1784f1c50e28cf3afa55f7ac0d1c6594c7e1b7e866349c4c5d4fcf8824e1d9d5f7063e
SSDEEP

1536:XIy9CJybgroD034TfWRpn2S68EE0k9kEiaTVEuPAoles7k3:XIISoD0yfWF68EE0kwGiTwel

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf8db837b0e4dbab9fa97af25b9e99a2_JaffaCakes118

Files

cf8db837b0e4dbab9fa97af25b9e99a2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 59KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE