d3f72c5fdea9986b90d8a328082d33db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3f72c5fdea9986b90d8a328082d33db_JaffaCakes118
Size

89KB
MD5

d3f72c5fdea9986b90d8a328082d33db
SHA1

3a0237287119fdf55677b59b00a77439f6681eed
SHA256

9fc9fca19e21d073cc9d69a4fa522c37053bd2e0b394dc44f1b549e10f09f574
SHA512

173d2bf293794137bedb41e688f536e6ac925119696efd2f9aeb91aeb6715fb0da7e9661583eb67c0f2bcd2db7d9193c38ddbc1d849009a7e34a385aab088eab
SSDEEP

1536:DUMrgeAQDdPnvYcIQ4DFRe0c34YvOTDKJ5w+Uv7l4ScRYfClW0IQ4DFRez:DTrzJMJ80cIYWnKJ5+pfC40YJ8z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3f72c5fdea9986b90d8a328082d33db_JaffaCakes118

Files

d3f72c5fdea9986b90d8a328082d33db_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE