feb23edf847a2285ddb0ff20406e9550_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

feb23edf847a2285ddb0ff20406e9550_JaffaCakes118
Size

81KB
MD5

feb23edf847a2285ddb0ff20406e9550
SHA1

b8797e00a2a5d65a8c40f7fa0bffafc8d2c90f5a
SHA256

8329a90908360dc4566c57820268704a196d7c3f7dd4b217f711658a11c09cf6
SHA512

57a85aceb654057bc4c2385f3242a7b3c5c7dc9aed23c200200fcd0a6d0dc0059080e381280f2d2a17dcb5fab375596e1c41bfc79278f317e13a6bbf764d6830
SSDEEP

1536:JrhVLIXjbLyCQpLIoOh8eXxRy+c13cLJR4G03usRqhHUXDTPSFrhPf+7:XVkXrjQpLnOh8eG1sLJ390vSPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb23edf847a2285ddb0ff20406e9550_JaffaCakes118

Files

feb23edf847a2285ddb0ff20406e9550_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

xgtrwzja
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mt49p7
Size: 653B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE