3ef36da00c13e4613fde9ccf449b1c22_JaffaCakes118 | Triage

Sharing

General

Target

3ef36da00c13e4613fde9ccf449b1c22_JaffaCakes118
Size

120KB
MD5

3ef36da00c13e4613fde9ccf449b1c22
SHA1

72b066acd663144398f5c40002dcdcce4594a5aa
SHA256

74e465079be51f0b5f32b436a32fc8a077314d3a5774c525776d2e2ea2ef4565
SHA512

61f698047199f751c46190eae48eee277b321db33ddf4e0fa6935852fdb9117050c94818a731eafa3b38d7746752c0c98df336b75e1e9db4c4bf53d149d52ccb
SSDEEP

1536:yxqaQuoMIiNuyoxxTh5tRIriVwF9P4T6c+BQulRuv7zj:GBoMIEHQjRIOSF9Pq+Guoj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ef36da00c13e4613fde9ccf449b1c22_JaffaCakes118

Files

3ef36da00c13e4613fde9ccf449b1c22_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE