f01f64d10cd0a7b27de0cad79c0e502b_JaffaCakes118 | Triage

Sharing

General

Target

f01f64d10cd0a7b27de0cad79c0e502b_JaffaCakes118
Size

120KB
MD5

f01f64d10cd0a7b27de0cad79c0e502b
SHA1

821ab0f4067d159b0e55e8e718a93dd0d79f0761
SHA256

8f8fcf9ac870a49eb22cfff1337202862404366c7934c3180e0adb8f6e2fe9b2
SHA512

fde21ad5543e2f5eedb157085ad8d7e9e84e6aa50e088a5cfcb77c6e3164d783db172167b1bf2b078d061325dee74a41a802c225effe041a04b0533d3d67a99e
SSDEEP

1536:7ZqAQ51LXJ2xPyv80tztOy5AKf5zaYuje4ygvsz5n:pY1L0SadGu1N2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f01f64d10cd0a7b27de0cad79c0e502b_JaffaCakes118

Files

f01f64d10cd0a7b27de0cad79c0e502b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE