eed6d05ff03c3c4ecc962e3d8e0979fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eed6d05ff03c3c4ecc962e3d8e0979fc_JaffaCakes118
Size

89KB
MD5

eed6d05ff03c3c4ecc962e3d8e0979fc
SHA1

8422156acd487e39b31bfa0ae985687419714cf5
SHA256

818a9d6abed85f88165cc7ebfe810c9439bccd1524d0edcbdb1a9ed3248c5636
SHA512

7929d8c093d68dfa5d92dac40d20d47d3e958c7feb2bfbaf732ac55b3e960e0643836e29cddd7ce4ea3ed4bd791b0e1663a167e80e7c6760a5e23c5ba467bbba
SSDEEP

1536:e9GvrRn2Bs3pySMrZGXLrkAlDvq34a2Tdz8G9Ar1O+xjMA4REq1ytE0MmgV9rZD:e9Ulnf5yrZ8AARsOTdz8HA+xYA4rQ+Tx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eed6d05ff03c3c4ecc962e3d8e0979fc_JaffaCakes118

Files

eed6d05ff03c3c4ecc962e3d8e0979fc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 487B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE