2eab9f7e15c6070588dc2e752a7a75ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eab9f7e15c6070588dc2e752a7a75ad_JaffaCakes118
Size

124KB
MD5

2eab9f7e15c6070588dc2e752a7a75ad
SHA1

01cd58dd099c4a6a6d8485aaad15a5ed2e11f9b0
SHA256

e03cf94135ae6a748394e97fcd9f86f17960527a49810d234f39ab74bf7319ab
SHA512

0754b2bc0f4bc1a31989319f9dd1a325c4558397666c477cf3c9538e2dee4a2d816edaba5b646d6835436125ada4bbd3c8c8c5cd06b0672f54ebfa89288ffdaa
SSDEEP

1536:wBqWQXVQJulFuogcgmh2Rl2+pdiY9c41SFu:YeCGuogVrl2+bz9SFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eab9f7e15c6070588dc2e752a7a75ad_JaffaCakes118

Files

2eab9f7e15c6070588dc2e752a7a75ad_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE