3812a0553ef828f7504f9f91db605f17_JaffaCakes118 | Triage

Sharing

General

Target

3812a0553ef828f7504f9f91db605f17_JaffaCakes118
Size

22KB
MD5

3812a0553ef828f7504f9f91db605f17
SHA1

810a1d192ee97627eb1403f7397d2a18c0a7ec41
SHA256

c9b6394a6a4bd2402720dd1b74f480248b4d685f48f003d8aee66c95bcd27d51
SHA512

b427d13c26360f87fecab7b642ffec2bc3e88917eedce2251b40f7295048d4edb94fb38530898ec4e92079c6891266cdf6d0fdab90e2ff8a1a71bd1d982c3fba
SSDEEP

384:CWeHd2vDIdFJG98WDq/Z5EEE8X/dY8TG40pKx7CSRgQZpzIzRpyTEcGmdmU:A924sChRlu/npKx+SRgQZBqpyTEZm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3812a0553ef828f7504f9f91db605f17_JaffaCakes118

Files

3812a0553ef828f7504f9f91db605f17_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn

Sections

Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE