d2c2e03c7a638dc4801b93bd34fe8626_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2c2e03c7a638dc4801b93bd34fe8626_JaffaCakes118
Size

87KB
MD5

d2c2e03c7a638dc4801b93bd34fe8626
SHA1

92d00cce735063f29aa2d5b05fc99f0f4e35edce
SHA256

933e99087d511b1be54c1db029d80ef4792184bc2ffb05ab6ce3d206850cd39c
SHA512

77e02ddc0151a86baf3737990a34a1548b2e124fb1fa16a09fc632077dd76574777d06ff56d839a76cce6f82e609a82032d6294aeb1de2b8ccdd559b1f733301
SSDEEP

1536:pi99sbZVMh4YEEBschbTc+iu1mf9n4oe8UENdeP/CzXDyuthb4:pi99LjnBiu1s4JTENUP/C6u30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2c2e03c7a638dc4801b93bd34fe8626_JaffaCakes118

Files

d2c2e03c7a638dc4801b93bd34fe8626_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE