b0318db0054c10ebc15cb24731e83dd2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0318db0054c10ebc15cb24731e83dd2_JaffaCakes118
Size

120KB
MD5

b0318db0054c10ebc15cb24731e83dd2
SHA1

8a303ee4cf292b50d041998171b9c516a2391450
SHA256

7feaaae4b4c5712d0c46a13d25e7131983cd44d4258451f211c69c4b61f9fcd0
SHA512

ad768d0fb5cb49cbd7d6e0cace83b2c48f264ff37d92686354856bff3fb119ee0fe535129f54eab7103c9a4b79790bce6360fea226b2fca83db5ba636573c31e
SSDEEP

1536:oxqaQuoMIiNuyoxxTh5tRIriVwF9W4T6c+BQulRuv7zP:kBoMIEHQjRIOSF9Wq+GuoP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0318db0054c10ebc15cb24731e83dd2_JaffaCakes118

Files

b0318db0054c10ebc15cb24731e83dd2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE