ff8c8604531baae585e45cd0073e9536_JaffaCakes118 | Triage

Sharing

General

Target

ff8c8604531baae585e45cd0073e9536_JaffaCakes118
Size

19KB
MD5

ff8c8604531baae585e45cd0073e9536
SHA1

262d1e335fbd627d7ca75260eedab1f6934d0a22
SHA256

4fed917d4f14f37602bfc9b3f8f8f0b0f9508f23a0f0086f71eced0decfcdbab
SHA512

a50c79523c8161cfb4f57909e6bb39c6c49b692e869bee6efb22384a254b0064f18f4208049c8c72c174b13930a569823e04ca2dd8437d617659f8bf44d48a96
SSDEEP

384:AWWTEcWHaBWNvMHPfSelLjGA3bdgEafDSyzGdee+9FgGcouiB66I:rc2MHPFlLK+aD5GX8CPoBB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff8c8604531baae585e45cd0073e9536_JaffaCakes118

Files

ff8c8604531baae585e45cd0073e9536_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE