0001e43b9b8c4813b71651ab82e0c768_JaffaCakes118 | Triage

Sharing

General

Target

0001e43b9b8c4813b71651ab82e0c768_JaffaCakes118
Size

21KB
MD5

0001e43b9b8c4813b71651ab82e0c768
SHA1

1cbac60ef9531138903b93c988e0118db3265fe7
SHA256

ab5996514168201c6ad2bba16d97a8c55cdd0eb38abc3da61228df98b887c3bf
SHA512

518c90aa29430c786ee7120a201f5684250e05ef60f1e2068629afc284da490b0d994e24f28398d2bd9ff05a76891151fd16ab52b37c881f7e1e511a05c6f7bf
SSDEEP

384:DXWWTEcWkRpCuo9wq90aaPKjeRBiY2qZJoublpnL5h26P6jcL94Ev:DwCRM+4Z8K9Y7ZJblp9h2K7Lv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0001e43b9b8c4813b71651ab82e0c768_JaffaCakes118

Files

0001e43b9b8c4813b71651ab82e0c768_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE