38d39624d9c6e3d7541ce5d8af9c5f98_JaffaCakes118 | Triage

Sharing

General

Target

38d39624d9c6e3d7541ce5d8af9c5f98_JaffaCakes118
Size

120KB
MD5

38d39624d9c6e3d7541ce5d8af9c5f98
SHA1

f5da10b2453a34423ee178170ce4ca183020ccfc
SHA256

c73af9f3d21a96fbb355153335cd0e3370a2b88321c6f9fc99954fdc87fa776d
SHA512

3f69ccc88586b668641175a0260da46a129c94c0daa4464cf2ffd778c4681a4b128960f299cdb4d2320f0f81248952cff84fcc8f1a789637dca57e168ac0025d
SSDEEP

1536:jThq4Qcemp3z5OXDiXbR4jhii6tviq+1i1juC+Js:jd5eIzUXSwhii6tviop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d39624d9c6e3d7541ce5d8af9c5f98_JaffaCakes118

Files

38d39624d9c6e3d7541ce5d8af9c5f98_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE