b04dc7e11029b635dedd8853f5e4d7f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b04dc7e11029b635dedd8853f5e4d7f8_JaffaCakes118
Size

17KB
MD5

b04dc7e11029b635dedd8853f5e4d7f8
SHA1

4950e759f927bf3401b43d1f95192b59dbdf7f29
SHA256

1a69228219ae31da6687a673c91d94f97a81867ccbb011591bfed6ac44f1ed2c
SHA512

1f60bf860f7336d8956c1c6bfbbb0d18c324cae7bf0df200eea1fd63d3902c6ae2456b463391d1b24ddfe94f0aa05d68f51f271c059a1a3fdca2eff400865f17
SSDEEP

384:cWWTEcWii3HFhstyq7jnkpzv9lRMJrDvIatY1EXnXKivi:3gi3Hzs8AnkpyJHvRtgEHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b04dc7e11029b635dedd8853f5e4d7f8_JaffaCakes118

Files

b04dc7e11029b635dedd8853f5e4d7f8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE