3ba0b4fa78f6490e91de82c78ddf8717_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ba0b4fa78f6490e91de82c78ddf8717_JaffaCakes118
Size

128KB
MD5

3ba0b4fa78f6490e91de82c78ddf8717
SHA1

79d5c69afe41b4d52759d118591d2d8cb9022cb0
SHA256

e50c2931ee75faea25f82653f43a67e2c690d8642dc39979b0ea08886275b2b7
SHA512

b3d7a8af5cca0a9cf158e66b23cbed9a7d203d95df8892b4d93d1aa8bea1e6c05b3b7ecbe70cd68609a35c1d762ab497e44bd0ffa448b78aca8ce69aa16c7c9f
SSDEEP

1536:Dcqq7Qvg/NcHAsipS4F4smqP84hYv0wnoa:DOKgNvw4KniKv0woa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba0b4fa78f6490e91de82c78ddf8717_JaffaCakes118

Files

3ba0b4fa78f6490e91de82c78ddf8717_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE