0179662aab3f64d503fb9757e67015e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0179662aab3f64d503fb9757e67015e0_JaffaCakes118
Size

21KB
MD5

0179662aab3f64d503fb9757e67015e0
SHA1

f47e35bf622810102b772599952bd525f4558980
SHA256

25689b806e832ae5335a6015f34cf58dc97658e70302b666f14b461c415e7e30
SHA512

3771e5d906331c92b4ee3f50a78dde6d2a069bcdbb0069f72c9bc5072a8ee0441e2d05cd0cebba60c65fbc177615bd4cd897d98082ecd2fb9749d7613470579b
SSDEEP

384:7WWTEcWp48f+HPFtCnqCVzgDjVVlJhnokSABHxeXl9dqA5/znlltger:0r48GHtttCV2hJtokSABReXXrRJp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0179662aab3f64d503fb9757e67015e0_JaffaCakes118

Files

0179662aab3f64d503fb9757e67015e0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE