f53b402f488cf5e58b3cebe4a7c615b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f53b402f488cf5e58b3cebe4a7c615b3_JaffaCakes118
Size

43KB
MD5

f53b402f488cf5e58b3cebe4a7c615b3
SHA1

59270037b4429c3604f2a5b646a4510f0d99ad6e
SHA256

51c9b36a9de46557e46e418b32c62d8a4307333344cab7213d8c0a5a5a1eaa7c
SHA512

ce7d4610641a40766f06d115d7477e196bdd8e498bf75178e27d571725ce2674a3878571df36f975d21f810df9a15fe1833a20d0e57d5d0eb99bebe1de283eae
SSDEEP

768:D889aP0IKAyfA8YLVZq2/bdViHCjMArohv4wPtzRcaz56ujxELBM8Bp:DrRzY8YLVZ/dViHCj/rcdP9RcaFDQM8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f53b402f488cf5e58b3cebe4a7c615b3_JaffaCakes118

Files

f53b402f488cf5e58b3cebe4a7c615b3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn

Sections

CODE
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ