06840736e8e70b8e985c324d3c715e5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06840736e8e70b8e985c324d3c715e5f_JaffaCakes118
Size

116KB
MD5

06840736e8e70b8e985c324d3c715e5f
SHA1

2098e2844cb20db513a20d5f6adeff0d90b0a5a3
SHA256

e826a31c1201b4f2981c9cf32110f46027099b3c90df60e24b46cbd50fec2986
SHA512

8755989ef160dee9af904d1b5802899c5b8996f93311c4daf925e0f7b66c0f1903ed92511a7cab1fa4869bc9f6b7ce7f58e8a90c44eb1a5e0766ba246386b628
SSDEEP

768:ceHPQoiZqZOdQCSCo4++CLHGElmyDYBWJTzQ+y0IOg7znR8BJggasq4bhN:cevQvZqZ4QF4gpGWJsz7FyqMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06840736e8e70b8e985c324d3c715e5f_JaffaCakes118

Files

06840736e8e70b8e985c324d3c715e5f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE