c0cfd616aed8047d27544332e00b6e41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0cfd616aed8047d27544332e00b6e41_JaffaCakes118
Size

120KB
MD5

c0cfd616aed8047d27544332e00b6e41
SHA1

041dee79580df908776d4a95d767b0515349f9bc
SHA256

d5572de898447d0e6241fa771189fc899e1023d05ba3ab335e3275d0de4f0633
SHA512

112de5fa235aaf360a0d1d047772312b1ac48723ddea02793eee94be68c9f27eda8c8385df1b0078db48fd610c2f22b5b3a6cc575e719d6fec9aed1f7e3ec563
SSDEEP

1536:yxqaQuoMIiNuyoxxTh5tRIriVwF9P4T6c+BQulRuv7zf:GBoMIEHQjRIOSF9Pq+Guof

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0cfd616aed8047d27544332e00b6e41_JaffaCakes118

Files

c0cfd616aed8047d27544332e00b6e41_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE