feb014fdeb9e1068231742c7306cebb0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

feb014fdeb9e1068231742c7306cebb0_JaffaCakes118
Size

88KB
MD5

feb014fdeb9e1068231742c7306cebb0
SHA1

e08a1e3673e6c5e9c81a0fe9cba24b75fab4a294
SHA256

db5ad2373071470bfbbada46e65d7eaf60ff107ca3cd8b71825293f8ba37d120
SHA512

d2b63ab161d8b041397b6312638f417bdd8e082a69013a5a345efae5fa93f32b3c139034db00bd0153552b6c37b5f37cfbbd55531bee69fc72b0ab6e14b7ef9c
SSDEEP

1536:pNa001DDnUECW43zZuuTa29SwWrkl+frsz4rbaZo5lXoUn/Bn8xg5iWqUh/LQp/e:Dj0tU7ljnu29SwWS+frszUbt//B8xd9w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb014fdeb9e1068231742c7306cebb0_JaffaCakes118

Files

feb014fdeb9e1068231742c7306cebb0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE