728d0d5f0564a6c40f91edc90791e956_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

728d0d5f0564a6c40f91edc90791e956_JaffaCakes118
Size

120KB
MD5

728d0d5f0564a6c40f91edc90791e956
SHA1

bdf7247163dc8c1a1f8eb57ebac64a99afc1a9fb
SHA256

c4ed9b837fb87c23e3060cc0492d321faf10289163a7ed0b8bf1ddc939eff448
SHA512

b356065896569c9440dd83b601f6b2fb77374dc0ca712d40370efdcbd50d9f00f0f1a1d881527a42a50d6f374aa67d0e4c02bdea6c51dc313816327084ed2f71
SSDEEP

1536:Z+qCQmOszcIoWkwKnlAlv4Jpo0WZvozv/rEpncOOa:m3OeoyH2gNsgcOn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
728d0d5f0564a6c40f91edc90791e956_JaffaCakes118

Files

728d0d5f0564a6c40f91edc90791e956_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE