2af6c01d41e5bb44cdbcbda2c9675cc9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2af6c01d41e5bb44cdbcbda2c9675cc9_JaffaCakes118
Size

124KB
MD5

2af6c01d41e5bb44cdbcbda2c9675cc9
SHA1

a15cd533ad3d0a486a2ce375648431dad595b63e
SHA256

0196a85fcc9181585f16e962e5252e5aa296c7757daa4f89ab7478baff7f2e4e
SHA512

a538720576c0ee69b262628bab3dfc2078acca41a3e5a25f6043d20dd859324d6f41ffb56e2c1c9075b99f9a5484efe4afb54466e84d0689cf02f0d5214db9ca
SSDEEP

1536:DwKqbQXb0o9tPqG+FwMReigAony0fwf16:iOQ0yc+gAo/fwf16

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2af6c01d41e5bb44cdbcbda2c9675cc9_JaffaCakes118

Files

2af6c01d41e5bb44cdbcbda2c9675cc9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE