f976c4c7f8ac6d099fa48f50a3cef371_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f976c4c7f8ac6d099fa48f50a3cef371_JaffaCakes118
Size

92KB
MD5

f976c4c7f8ac6d099fa48f50a3cef371
SHA1

f9ff65fc600aa4dde523fd5ba0495818230d65e6
SHA256

5940649f3ededc7ca4c43eb341bf47a7b84ad527029a9a4266bd1183496fabcb
SHA512

8deb16ed610ac3c658c6745cbbb5bd7cbbbb512647280443ff97abd21f652a7891ea4346066d42d08525e96c7717afea9603644eb7f3a9fc338019f031b334cc
SSDEEP

1536:oGfsPfO5Ls/p+5/789+N2Pdqd8rVuB/uUN5VjV6JGLk9fCusCqGYYjmEgGUGDrAi:oGfs+Yp+5/789NPdqdnZVJ6BRCusCZj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f976c4c7f8ac6d099fa48f50a3cef371_JaffaCakes118

Files

f976c4c7f8ac6d099fa48f50a3cef371_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE