dda6afaed276873c5695fda9c8f6f3a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dda6afaed276873c5695fda9c8f6f3a9_JaffaCakes118
Size

85KB
MD5

dda6afaed276873c5695fda9c8f6f3a9
SHA1

8c8f7b30200e59af1a116bfb91a731c681833f5a
SHA256

885d5fe5cf8d7eb2e4e9823e1dc798f9af38c89525a0ccd2d7ac21e129779209
SHA512

01e80722205697815904fc5d79e74802c491a65a31f501dbc613d6673365837055eab32ff5207bd9f2c38c4c3b9745e5a7c90d2a71c0afe0dfa2dfccdc9a4a87
SSDEEP

1536:1BZhhL8p2XRpln6TMQG6EwNk8SDBWEFFqTmuHopE6wMI0WAgxnx:1BZhhL8EDF64QG6J6812qmuV6yA4x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dda6afaed276873c5695fda9c8f6f3a9_JaffaCakes118

Files

dda6afaed276873c5695fda9c8f6f3a9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE