5300d0d88965404eb93a3710ba32a816_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5300d0d88965404eb93a3710ba32a816_JaffaCakes118
Size

69KB
MD5

5300d0d88965404eb93a3710ba32a816
SHA1

9ef46d46257eba2eb3331f3c4cecc10e6ec14ac6
SHA256

dfc92759d17bbbdd2c9eee48a970aae6493769f316c80a5488448e3504a5fb68
SHA512

bb700839e2c1cb3bf81c15460616c9dc94619aee7ed4c625b79cf666627f942c008eb11112bb42302828d00837b7e1a025449ebf9c64230e438a308eb6f302a5
SSDEEP

1536:Oka6uP21eoNRiHCj/GsVGk7W8avEm7V1m29evV1n0lSD3hgk:JuP2FNRcWn5qEm229ajn0cD3hgk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5300d0d88965404eb93a3710ba32a816_JaffaCakes118

Files

5300d0d88965404eb93a3710ba32a816_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MxHookOff
MxHookOn

Sections

CODE
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ