6ac9826e316667bc2b31593b15addf49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ac9826e316667bc2b31593b15addf49_JaffaCakes118
Size

18KB
MD5

6ac9826e316667bc2b31593b15addf49
SHA1

48913ab2923ba5b65b0be585c8e4eeb56bef215b
SHA256

65781af93e139a16386f6912a704f202578c5f61cda32504a3390ebd9764b444
SHA512

bc5d7cc9c47ccc8f55bc5ebf9daf533e011cebf6ebc5ad95007273a20d1df033ee90e0f2bb59f3bb23eba1f16064aa53485b89f3ad781723e3dd1550dc54b946
SSDEEP

384:DbWWTEcWI2LAwCxF+WrTl0FFHYx8xHbwF34otX7kIreJ:I3AwITl0FhH5bwVZtrDeJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ac9826e316667bc2b31593b15addf49_JaffaCakes118

Files

6ac9826e316667bc2b31593b15addf49_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE