f03ff7f88c0f7964a632b4ca929538ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f03ff7f88c0f7964a632b4ca929538ef_JaffaCakes118
Size

44KB
MD5

f03ff7f88c0f7964a632b4ca929538ef
SHA1

4f5d91c54edd6515e102416b8b4dcc7889009cd8
SHA256

8bcc467d5b8765de03efa7031dd23ff3eaa713e8f77d107255e0d536198c7e0e
SHA512

fd2a70d4989c80e70a181c81b00865d4205b78ef3e496df574d022ca6cccfce27d20c73e55ce16975a0dacfcd06ef4f3f827eebf6fa86a670526601fa80354a9
SSDEEP

768:OCSqWQ1geCiGgL/QMe188Vex9iO5OpBlV5IPQD9Id8vUFGlOZ9xVHoDr:pSqWQGPgL/QMKs/iGOpBln3Id6UFSuqX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f03ff7f88c0f7964a632b4ca929538ef_JaffaCakes118

Files

f03ff7f88c0f7964a632b4ca929538ef_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOp
MsgHookif

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ