ef5ee9c50be9add6c14be4e501b89015_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef5ee9c50be9add6c14be4e501b89015_JaffaCakes118
Size

47KB
MD5

ef5ee9c50be9add6c14be4e501b89015
SHA1

31010422eaed18cee8b4d6d94ea688de3ddd25ab
SHA256

af8bbde599dcc9c899f77b6f988a14b8561275e0a6997bf86ce04b35fa7be598
SHA512

8865ecda1fd67d3cee37f08822ab61f96d467c1c0e64bd2db8b0dc01f839c4eb3a54a3f75ebc637d563a413fadbec88420ee733ec25f5efe6858b75248b0cea7
SSDEEP

768:hQZ2BhubAQu/yLG2N5oGzZsXFI93dAvATgzLwXLRmoR0m3XTDGvElnpJVeQMp+aS:U23uEQub2LzzZs1a3dCKgzL2L9R0cTDt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef5ee9c50be9add6c14be4e501b89015_JaffaCakes118

Files

ef5ee9c50be9add6c14be4e501b89015_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

.nsp0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE