f4770ae2b6c030e4e4cbb4d2836a76be_JaffaCakes118 | Triage

Sharing

General

Target

f4770ae2b6c030e4e4cbb4d2836a76be_JaffaCakes118
Size

120KB
MD5

f4770ae2b6c030e4e4cbb4d2836a76be
SHA1

1d675e0858d32efec051fb599fbe870b41f0f77b
SHA256

c6eaa0f3fe1e7015e8178361eb9f39bbaf40a80595fb07f24bffb2a23cbe16e2
SHA512

7660e8f87866ac27890ee90f90d09458c7a906581883510d8a3af961d92750a83107fcb1c3dd40d23fcf5d88fbb14653b7172e43838403db966c64ca7ad88442
SSDEEP

1536:VnqYQRYv/hV6oqoBtutAughNWa4aoOYAoocVR:J0YtqoTjWa4lOA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4770ae2b6c030e4e4cbb4d2836a76be_JaffaCakes118

Files

f4770ae2b6c030e4e4cbb4d2836a76be_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE