0004ab839171d5fe1bc9d3a06342f362_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0004ab839171d5fe1bc9d3a06342f362_JaffaCakes118
Size

19KB
MD5

0004ab839171d5fe1bc9d3a06342f362
SHA1

2a3bc4d2f6099744d99928813c6edecfd7875d90
SHA256

c4c56f1c3b187db7d8159aad0fe1f4b0bf4b08917d1f6a88756c2b460fd2a286
SHA512

81f7a05b7cbcb904f0a2d9b987bd2c0a8d1405bab5bd24820551a5f43a355b17755917ba103bd1415e36b0add8b89f695b14155abe10c0f569636b5d525e7c2b
SSDEEP

384:J1WWTEcW6Ucvf79e9LwUYuUd3uDnXywYU/nKngjmanUTdw:cYUcvUkRe6U/nKn2maUTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0004ab839171d5fe1bc9d3a06342f362_JaffaCakes118

Files

0004ab839171d5fe1bc9d3a06342f362_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE