fac0627a11208915e2bbc49902ac04e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fac0627a11208915e2bbc49902ac04e1_JaffaCakes118
Size

88KB
MD5

fac0627a11208915e2bbc49902ac04e1
SHA1

fa76e7102be9f80ad6f5a3331977e3aa1a124248
SHA256

a62e9c28d1822ffec27b6d36a68bab746f89e9c184083b3ffcd65ee3c975bbae
SHA512

b311c94b17e4eca48989e0444e38cf432f230c6cab87cad63a866fcdb999ca55e3f45a9dfb9a2dd8e61ab0996ceb251fbd6016afc8ef8f86cba04249e1b1bcb4
SSDEEP

1536:0DJ3HJh8TXXI4MWexxHL6PkB3YS6GNJAN8K1zeVHAaUO2hxhsB1hLJQSpOUKMDJu:ywTXY4krH5HN7AuizeZA2wsB1AQOoJZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fac0627a11208915e2bbc49902ac04e1_JaffaCakes118

Files

fac0627a11208915e2bbc49902ac04e1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE