4c063015e14769e1c0762c334bbba2dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c063015e14769e1c0762c334bbba2dc_JaffaCakes118
Size

128KB
MD5

4c063015e14769e1c0762c334bbba2dc
SHA1

63454ebc40bd3148ea9e2bdec13af0a3f5016808
SHA256

729e9b7f49a60411a5eda968973d58da7bd5fb67345431ec9e1091186444314f
SHA512

88130ac1d7d6c1430c52452d38ff864be7146d87fa45cf0ec5de528104d31e2888ee48cb265b03fa38ca833b074bf15c311bdf354958d41e6585581d7d73d465
SSDEEP

1536:nCqHQ4NXkgBRWfN7fCWp5XWoJnHNXD4mlBvlqJXSWFsG:pt1ufCc5bnHNXDDFASUZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c063015e14769e1c0762c334bbba2dc_JaffaCakes118

Files

4c063015e14769e1c0762c334bbba2dc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE