1005112504d5b9922cd54750e1a6ace3_JaffaCakes118 | Triage

Sharing

General

Target

1005112504d5b9922cd54750e1a6ace3_JaffaCakes118
Size

128KB
MD5

1005112504d5b9922cd54750e1a6ace3
SHA1

2c6692c2de1b78bf11f0d577d5ab36a327139d31
SHA256

01d11ec9c6fd0c9a0194e502f7242f36c61ba48579aec698c8d00f8e2b0b321f
SHA512

df914847a7f5ddc88d770a89c30c59739332178d658e1db306e87817fd6516db020bde3f4879f084e1ff26cb2446114c972c17719caf4cbe2aa95d48c4dc7131
SSDEEP

1536:CNuuqTXQsqhL/f2EXeJQaoi9zqqoqDp0tELBqpUHkzs225v2:tXRqhwJQm9E+p0tzDzs220

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1005112504d5b9922cd54750e1a6ace3_JaffaCakes118

Files

1005112504d5b9922cd54750e1a6ace3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE