dec36e46e9c9e088ac16d96fbe8d0c55_JaffaCakes118 | Triage

Sharing

General

Target

dec36e46e9c9e088ac16d96fbe8d0c55_JaffaCakes118
Size

158KB
MD5

dec36e46e9c9e088ac16d96fbe8d0c55
SHA1

e9905ca17dbb6368d6228af16b3bbfb8a4234d23
SHA256

88c820e642919784e12a95615ffa10c77d5eb883b0596bbc049d7803ee99c42d
SHA512

88b176250df745cb6792338cc3ba8daad9927b744e6db69e6e1c5230a52f60545af7cc7677d85964215a5441e9dd6ee4fb7378fb327c5d03bc84bb64e6a7bb72
SSDEEP

1536:AjuscGuE/1j3ljjnYtEpD+Cw6lg9lopSS1mTy9+tNAzTKFNm3eK9A1Boc4oB0qqC:APxtjtj4ambopF1mTy9g3FNkA17ozha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dec36e46e9c9e088ac16d96fbe8d0c55_JaffaCakes118

Files

dec36e46e9c9e088ac16d96fbe8d0c55_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

9ip
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

veqpy8
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE