df949cb9ceba0f6db3151c5b446c9120_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df949cb9ceba0f6db3151c5b446c9120_JaffaCakes118
Size

56KB
MD5

df949cb9ceba0f6db3151c5b446c9120
SHA1

1e5537f165b15564d68a2527657b0a659e176d0a
SHA256

a4e3d6dc3f127a898d56c72d2e3dc540a99f3105fe05de51cec5711c7e58bdb7
SHA512

1e90b83527723c96dd24f362816702fa7f9e2d35d6b7e681728e9b213dc87ba58a135ff2ddd5216af471978e1ce3084734a0f1106e438ad1d42c5d4ba4947cea
SSDEEP

1536:OBXF6SRDLyiag0WKudHH1kUX60VSuviN:w6gaXQA6Se4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df949cb9ceba0f6db3151c5b446c9120_JaffaCakes118

Files

df949cb9ceba0f6db3151c5b446c9120_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

yl6n0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yl6n1
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yl6n2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE