d74e13d29f41df2ac4f3187088d6c46c_JaffaCakes118 | Triage

Sharing

General

Target

d74e13d29f41df2ac4f3187088d6c46c_JaffaCakes118
Size

85KB
MD5

d74e13d29f41df2ac4f3187088d6c46c
SHA1

2c7e7c0a1a79d39def88c725c2cbb70de1e793cc
SHA256

0eaa75e3382dd3c276308d7d78f74ac826263e4e396fb87ffcabbdfe99a31537
SHA512

d760ef43359e41e96ce06c04bd46c226aad9339a92ed4c5752db18869c07533e3eba75d2c17bce3f6566575ae571a7f2adb0668232e2e992e3298396c4635739
SSDEEP

1536:ptKfZ4vJ5aao6ov/EAr1wNaJ2HdVpzm5R3LTyMDf/Ie8UbQr55rmHAbThPt0AHa/:ptKfuJ5m6oEAr1wNaczm5R3LTyMDfwe1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d74e13d29f41df2ac4f3187088d6c46c_JaffaCakes118

Files

d74e13d29f41df2ac4f3187088d6c46c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE