153d876608251818d0c40727f758d575_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

153d876608251818d0c40727f758d575_JaffaCakes118
Size

149KB
MD5

153d876608251818d0c40727f758d575
SHA1

3f0e8d8fa785b071756c57269d3a0ec41af1be2b
SHA256

0a3d53a3109e42a65ba1609cb1a741768e483712dd6ef01f8a02d57e2064bba8
SHA512

8decebeb1e5fd69d5e1bf1d71df7c958f048ab8debd6b995c3011cde0a0c059a76805a36765d3388a1eaf3ec87001f56052386720b1e937034c4621681980574
SSDEEP

3072:qjEo9cXUUSX5xvzI+LBT68QJzMiyAT52NeMzlUlrnu679/kL+6:mveXUBvEEI2NeIClTu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
153d876608251818d0c40727f758d575_JaffaCakes118

Files

153d876608251818d0c40727f758d575_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

CODE
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 205B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ