001f8ef326dce0b114f34a0ecede4d7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

001f8ef326dce0b114f34a0ecede4d7c_JaffaCakes118
Size

18KB
MD5

001f8ef326dce0b114f34a0ecede4d7c
SHA1

70a87975b517941aa2664e2afd77ce10d0924e7f
SHA256

48ec4b91dee6bfc82c4419e73ad0b7611493648125dc6a1871852c81d7c1d933
SHA512

ca03ad087063ce475e08bce69ca77b285ba087159f4513943432aa7f7654e15d3583ce09b256b31ca8160bcb52ba06af0c9f29fc8d595092a2985459aff0497b
SSDEEP

384:fWWTEcWaZwSpjNfMQTLhL0EnDj3k7xIrRHkNEwfgxFAjtFCfr:IApj5MQT9L0iDjgxTec4FAjtID

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
001f8ef326dce0b114f34a0ecede4d7c_JaffaCakes118

Files

001f8ef326dce0b114f34a0ecede4d7c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE