ed5da41c718fb90106ced7e8b2b3faba_JaffaCakes118 | Triage

Sharing

General

Target

ed5da41c718fb90106ced7e8b2b3faba_JaffaCakes118
Size

120KB
MD5

ed5da41c718fb90106ced7e8b2b3faba
SHA1

92393ac5afd43d485ea7f4ba93add182fae04b68
SHA256

6703a2d8f811c11c932ab48590530209355b206f9f71ac7fce384c7bfd383ffd
SHA512

5331667d794e21c829169dd55cf3baae9838f0ab166bf4d94f03be42afd630bda95d8731ef53f100d1e838a0778ec5bdcd105da478f988ffa96863d473c3538b
SSDEEP

1536:IoqWQ4AAp40cfnUkN2NxQVbtAXBXoyoOKNz78G:dxAN0mUdMAIP7X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed5da41c718fb90106ced7e8b2b3faba_JaffaCakes118

Files

ed5da41c718fb90106ced7e8b2b3faba_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE