12e4adcb609c639b5eb4c99322652561_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12e4adcb609c639b5eb4c99322652561_JaffaCakes118
Size

20KB
MD5

12e4adcb609c639b5eb4c99322652561
SHA1

f62944b8baeb6b46403fcd362b8fb38b6005f2d8
SHA256

d111324a50cad51043265ab06133e2dda6b650d7c41565ca685575ee95b6c357
SHA512

45259ffd57b77784a5e2bf7fc2ce35953bf61cc49c8c0140907496f1ee0f5c9e47f9a099121675e8422aff87eadf1b0ecf533c18782712340254ab93a3b8e21d
SSDEEP

384:4WWTEcWGPJO3U2ztAwRXVRDjaoxAkQR20qS/Tzp0NJNiFBqCACpS/:zqQD+AfqkQwEANiBqCXpi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e4adcb609c639b5eb4c99322652561_JaffaCakes118

Files

12e4adcb609c639b5eb4c99322652561_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE