fe53243089f326b080e2bf2fb42ab09f_JaffaCakes118 | Triage

Sharing

General

Target

fe53243089f326b080e2bf2fb42ab09f_JaffaCakes118
Size

87KB
MD5

fe53243089f326b080e2bf2fb42ab09f
SHA1

8d770023cbf1eb45e4d324650de291f3a17925ab
SHA256

2bb26c05cca6ab35d4abac6a29712031c42cf4b43e97d80f89252d11ae840aae
SHA512

518f301c3b64f0cb4ab8930c7e44d0a0ea0a0df2dd67e24106fb91dd29c47e21f44d25c2e88cf4e375902f3c618d381aaf02749786d3f394cbc0953ecf918ae8
SSDEEP

1536:B6lMj4dRzmuV/TXXIYDkPmaCtcCuhW81JHyHYBvRk4OxsrKRZyHuBqHK9V2ZsHE8:xjOzm2XVQCmCuhNhLpuxlbBhpT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe53243089f326b080e2bf2fb42ab09f_JaffaCakes118

Files

fe53243089f326b080e2bf2fb42ab09f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE