0004c5ccd3f50d43f168b7e83a19bdab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0004c5ccd3f50d43f168b7e83a19bdab_JaffaCakes118
Size

19KB
MD5

0004c5ccd3f50d43f168b7e83a19bdab
SHA1

7ead734a602c6828510d3a63904fb14ee4257db0
SHA256

854ac27fcea20cf56051406334ade9e87b934c67649fbe448c4fc58f9870b28b
SHA512

7330eb53e58e94848f86c34b6e3e6613cf2c500a262eadea686fb07b9b216af34e988dd7d297b5450d1f0b3f439d74ac1fd2d78e89eabea4936439cc7314331f
SSDEEP

384:3WWTEcWU3sEi2AbyD0u/9/UPTHRIptbEZnjxVBztjqY/Df0T:QG3sEi9yRlsFCBSlVr1i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0004c5ccd3f50d43f168b7e83a19bdab_JaffaCakes118

Files

0004c5ccd3f50d43f168b7e83a19bdab_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE