d5fb6c6b64cc839a628678ec7be31be7_JaffaCakes118 | Triage

Sharing

General

Target

d5fb6c6b64cc839a628678ec7be31be7_JaffaCakes118
Size

31KB
MD5

d5fb6c6b64cc839a628678ec7be31be7
SHA1

97447f36eeb4992fd67b49bbf3c01f3703fba5bb
SHA256

bc3118401d36c2f2e6c820a05ec93d4d451348a4c4736d48de65ceafff413a27
SHA512

56c29bd094468c65991defb6da43a7a125d64b4616e59c457dabc8d89d5d09f36bd42a90c9be52cad2390f2a58c8f2abccc324907b140c52bdeb10894c643916
SSDEEP

768:Ds3U0ZLJ3VXURNPiSDp10CuCit6SjZYkHR:SdLRpbSDv02sYk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5fb6c6b64cc839a628678ec7be31be7_JaffaCakes118

Files

d5fb6c6b64cc839a628678ec7be31be7_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn

Sections

��ƺ�0
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ƺ�1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ƺ�2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SBSBSB0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ