dab9df4c35e88c055f6b0c930cdb573d_JaffaCakes118 | Triage

Sharing

General

Target

dab9df4c35e88c055f6b0c930cdb573d_JaffaCakes118
Size

158KB
MD5

dab9df4c35e88c055f6b0c930cdb573d
SHA1

31dcb4c3054faa26b0bd4f7043e4603622717a71
SHA256

1ed30e7800cf17f35f5b66510adc1dc2b516f1ba4e1e6dd125ee8cf1ee3f073b
SHA512

058446ed37288d65ccb93f2c8b5d4b45fbbec839f0e22c2163260eaa877f74e67224bf09347e579e399b5780b3a4b3c855cf751004016b1839b5c06e04e26ba7
SSDEEP

3072:yggqI3XzS99ti7cNJrww/E3sOLMzLRAldao:pgFzSXti78Jrww/E3sS6il5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dab9df4c35e88c055f6b0c930cdb573d_JaffaCakes118

Files

dab9df4c35e88c055f6b0c930cdb573d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: 3KB - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 91KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE