cde0544c02cbbed7f37703817c4ad4a8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cde0544c02cbbed7f37703817c4ad4a8_JaffaCakes118
Size

120KB
MD5

cde0544c02cbbed7f37703817c4ad4a8
SHA1

894995f0e6534c52ab7c0009d5f3391020a688f4
SHA256

1f530af3159e16f12d67fa7ec95d3d60f2f69e5ee814c20bfdfb711b772bf3d8
SHA512

897b1f27b98e9068d4948d914e7e90e13314db9f115c528b268cf301e9cce2997fcaa6dcd4bb6ddfbf1981ea8ad96d0fce70c291b6741c6599b3bc32075f36f1
SSDEEP

1536:oxqaQuoMIiNuyoxxTh5tRIriVwF9W4T6c+BQulRuv7zx:kBoMIEHQjRIOSF9Wq+Guox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cde0544c02cbbed7f37703817c4ad4a8_JaffaCakes118

Files

cde0544c02cbbed7f37703817c4ad4a8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE