e901e3d02bb2cc27e8caa8ea375f52c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e901e3d02bb2cc27e8caa8ea375f52c6_JaffaCakes118
Size

124KB
MD5

e901e3d02bb2cc27e8caa8ea375f52c6
SHA1

ca1d5a04e145c70806b19c148f2fc29854f78c1b
SHA256

bddd19a20a7c918c32eaa1a229212a46344f9d8a6145618338d5381d1bc01a87
SHA512

c4e55035cf2fab6d4aada5966046da12a4cdcb467bb2dc4ab73a0e918d0b4d0e8f4d9868ec8b1308692511473dbe4ecb8934827826f9079c7ecef0b6f2bc3c90
SSDEEP

1536:DwKqbQXb0o9tPqG+FwMReigAony0fwf10:iOQ0yc+gAo/fwf10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e901e3d02bb2cc27e8caa8ea375f52c6_JaffaCakes118

Files

e901e3d02bb2cc27e8caa8ea375f52c6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE