0023ea72415bd96a0ff66c628b342c7e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0023ea72415bd96a0ff66c628b342c7e_JaffaCakes118
Size

21KB
MD5

0023ea72415bd96a0ff66c628b342c7e
SHA1

b9054462d5edfa833c3bf1ac8ea7d112fd895031
SHA256

42e9c88c0f92b678258f991080cf4d6dea2246991965394c451ba158352a7d89
SHA512

0d480184ebb8a29ce8f0b55dbe02ba0e9b8a6bf2bc4b3e0afa6a2a375b584b5417b4ffd14d3ed2aee94b58aa1166484e8f268bfa1fb25e7eb8d7a20c1514cbad
SSDEEP

384:XWWTEcW0Dj/yZFsClGW6U6zwAjv+L2X+ba5Dtdl9XVXb+XLRsCx:w0yZFsKQwq+6Xl5z3cXVRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0023ea72415bd96a0ff66c628b342c7e_JaffaCakes118

Files

0023ea72415bd96a0ff66c628b342c7e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE