ea3db8022b1d25169f7dd13f2fbef26f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea3db8022b1d25169f7dd13f2fbef26f_JaffaCakes118
Size

69KB
MD5

ea3db8022b1d25169f7dd13f2fbef26f
SHA1

6466d0b118ef2e508b7dd455faa6c23261ec9a5c
SHA256

95a2f3d71687068d92a64cd6ba5bd41545b6ad4838ab5de46c9b9805cb816b7e
SHA512

4f2b912a4fe16d4777c836638b1694214889c3b8a481dd9a940b3552592603873ca6d336820086b2bc764113f5a2cfde0396f7f7318ad4968b41ab27409eb0d9
SSDEEP

1536:pRSnq+iUiEpoXguzR/ecwTgPjqb+c7G8H3raaf:pRSnq+icelNasjgn7Z7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea3db8022b1d25169f7dd13f2fbef26f_JaffaCakes118

Files

ea3db8022b1d25169f7dd13f2fbef26f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

packerBY
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE