385a8dd97e97615831ac09a8542238bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

385a8dd97e97615831ac09a8542238bb_JaffaCakes118
Size

128KB
MD5

385a8dd97e97615831ac09a8542238bb
SHA1

e2815ff7d0a8ee35d1b318ccc411f875af6aa182
SHA256

f9dfd91e6a8984a4f602d24a3cee2e2b2e4fd3683a50061354d4967cacb62049
SHA512

a9eddd74dc9858f10298448de0c8629ae8e1248dcf1362df599900002d38751a5e0304b3af7d090ba681c8a88ddd420be7ce0df4c31d083fda6bebca56acf1ef
SSDEEP

1536:Dcqq7Qvg/NcHAsipS4F4smqP84hYv0wno2:DOKgNvw4KniKv0wo2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
385a8dd97e97615831ac09a8542238bb_JaffaCakes118

Files

385a8dd97e97615831ac09a8542238bb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE