0056ad749dc708e06e29facab6e7be42_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0056ad749dc708e06e29facab6e7be42_JaffaCakes118
Size

19KB
MD5

0056ad749dc708e06e29facab6e7be42
SHA1

138a01f56c8e39d8f5f410f780b75c0591f3ec6f
SHA256

86727f3a1370368901b0a8df72117a07b030c1ff69ae1a6f326c62e36dfc3e1b
SHA512

dcb48b5380d0a7e9e88dfcd33628be4514da3012185d2ae964d53b373db1fb358f5fa8ac411e1e18e33d3037a9fe3dfc77beceaddb43f9919c01700e701fce26
SSDEEP

384:NWWTEcWrUO6qMvcq68fRZGtsn/rok7DNz+skcvuRtSsOgBCMngaeqA:C2sw3PRAq1756sPvwRcMgFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0056ad749dc708e06e29facab6e7be42_JaffaCakes118

Files

0056ad749dc708e06e29facab6e7be42_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE