d61be9105318cb1e94e60e6c4569409b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d61be9105318cb1e94e60e6c4569409b_JaffaCakes118
Size

158KB
MD5

d61be9105318cb1e94e60e6c4569409b
SHA1

fde8a5aa0a499f170041868717b2a5a0a13531e5
SHA256

eab6984b0f5c136076e7c0d63ab1bddc240076c9d4ccf44f0d75cad11a3eb1b9
SHA512

379f39402e799a957d362c23361571ba5f2615746fc3ed2fcc4257eb2cd8ce4bf158c104696afc7b3a85e47c397630851fd8f78c507ee488129aac50f80290bf
SSDEEP

3072:xzj2gwRNaV38x9c1VztK8oO55jbxLk+Y:xzVwzaVM7cD4u7jhk+Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d61be9105318cb1e94e60e6c4569409b_JaffaCakes118

Files

d61be9105318cb1e94e60e6c4569409b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

lqgfqg
Size: 3KB - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

h7fbvpp
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9gk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE