5a035e4b3de7fd521da0d7725614bb79_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a035e4b3de7fd521da0d7725614bb79_JaffaCakes118
Size

20KB
MD5

5a035e4b3de7fd521da0d7725614bb79
SHA1

96a7a40f814be8c975ee213a8777ca6783a6ae04
SHA256

048846d3ce7a1ac74e952354f2953b905e0c5a513e9a98ebb62ea3ff9962e344
SHA512

cf28ab10cd1f41f0915d581ab2a504ada9cede6c7c550e882842700b5c34725e9e9a1abd00d6e72e90c15e8bc2f2bda905ebc637c32c58feaa6fe092b093a5af
SSDEEP

384:FWWTEcW7Ng9e5i28uidGmeEgsOkTDZ/D2BwbdggsWB4yRHFgVJ:KpZi2+MLEgOZrnxFZRlgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a035e4b3de7fd521da0d7725614bb79_JaffaCakes118

Files

5a035e4b3de7fd521da0d7725614bb79_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE