0002637af16243c7b08408bb85c34080_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0002637af16243c7b08408bb85c34080_JaffaCakes118
Size

18KB
MD5

0002637af16243c7b08408bb85c34080
SHA1

4cceaf14661c934a0613034fb510942b750e20c8
SHA256

ac99a7c3c461b08f45331fe296be18e4edc291c434025ac5f326fafce9e0389a
SHA512

6abef23bfd3531222a6beb46470ea329e6a76dec2bae52ea2fc4c58607f64d3db13aff88caa983899f7f77f6bee7d4f3b5cc4c4f6cd23a21bd7b1ba68e5c3ea2
SSDEEP

384:SWWTEcW14X10MbITlTII6qhqrZzwyZx2JzBOtWGJWZUPx9WD6:5f4X1iII+dB0lBChBPzZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0002637af16243c7b08408bb85c34080_JaffaCakes118

Files

0002637af16243c7b08408bb85c34080_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE