dfa5fba1fc690acbf325433b3ae53561_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfa5fba1fc690acbf325433b3ae53561_JaffaCakes118
Size

140KB
MD5

dfa5fba1fc690acbf325433b3ae53561
SHA1

d5dafb05babe9cca7c00709eaa8d2232d85ed02f
SHA256

83e28ec8bb19664de637bff3b1fa586cc637c9e0073a9f0e3d541da330635195
SHA512

cea80a1ed2e31f5e8feee75558ce8857ba74e8f40aa7820bd3f20a41b878dbac70ca8456f5b48b8b307c9f5ff8b98dd47f704d9870948db6b12f92b0922de8be
SSDEEP

1536:T4SbfosJoTS9Il/N0ExVTGHQuMO+ijLjZVgl2r5efY52DF2:T4SDosiO9K/6wSYO+ijL12QeQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfa5fba1fc690acbf325433b3ae53561_JaffaCakes118

Files

dfa5fba1fc690acbf325433b3ae53561_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

5v8
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g2mi5gh
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kmi5d7
Size: 638B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE