e0b9e85a3db71116856f4e4c6393964d_JaffaCakes118 | Triage

Sharing

General

Target

e0b9e85a3db71116856f4e4c6393964d_JaffaCakes118
Size

86KB
MD5

e0b9e85a3db71116856f4e4c6393964d
SHA1

2ea37d2c6f9b0670a4b9295028b3b2f76243f8a8
SHA256

c375e88d21c21a09fe1ee80df9eac8fe70bb274045b62be501fe1f58e1d83edf
SHA512

f0d9c8704319be3a474d73805b7e432db39b219509d461cf63f914770e10136bf07152f5ea3e57f0efd61f586ddcae65fd3c6d3d77dfb7e5964c1b65011c598e
SSDEEP

1536:ZDRS8q+y6oXYNKwylocGnSJXpkM6Cxfz+C4c0XOovFCXc0:ZlS8B/oXpocGS9pkMbxb+uYOYFCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b9e85a3db71116856f4e4c6393964d_JaffaCakes118

Files

e0b9e85a3db71116856f4e4c6393964d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE