0028917c9c18571e8c857aa986c8f228_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0028917c9c18571e8c857aa986c8f228_JaffaCakes118
Size

18KB
MD5

0028917c9c18571e8c857aa986c8f228
SHA1

2db2c6a1492d7f6ff6ab7a01bab35dd1a75ff260
SHA256

b52554ba67f95e1f6de6fc986d1ecf39f005582936f8a3b6200bf76e7cb44751
SHA512

aed1211de6353aceb4e09fb9f58f156494c462d8b07b76a1530b80ebcbba0ee9d872cf37ec664df10791d0d99a98922e037c385f9b542746f41d76fead17b049
SSDEEP

384:zWWTEcWRLpBUrGDxafnsVgK0rnA3yu7UIJL7x0ZLzoG4Z:8bLpBUr3sOK07A3SML7x0ZLzbI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0028917c9c18571e8c857aa986c8f228_JaffaCakes118

Files

0028917c9c18571e8c857aa986c8f228_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE