0000e7691e589f04870f04f953e5fe0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0000e7691e589f04870f04f953e5fe0b_JaffaCakes118
Size

17KB
MD5

0000e7691e589f04870f04f953e5fe0b
SHA1

9ac8d65c841576330cf462f04dafcb9f56ed5a16
SHA256

79c539e40628125606586a4793247433e351e1140d77c7d049228061f735d666
SHA512

2ec853ca452d693a070c58750a925c8c1f942b42300ff6f4a88e2af0ae5a80d2042d8d1ab42228b9ceb5cb1279a0b733b2851ea666ef8d84ce2689a0d9cc6445
SSDEEP

384:OWWTEcWLK92zrd1PRfE5nC9AxglSaQY4A0GTX0F2EbfB:l7znR8BJggasq4bZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0000e7691e589f04870f04f953e5fe0b_JaffaCakes118

Files

0000e7691e589f04870f04f953e5fe0b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE