41eb5bc2499fcf71d2031740b4ef636e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41eb5bc2499fcf71d2031740b4ef636e_JaffaCakes118
Size

120KB
MD5

41eb5bc2499fcf71d2031740b4ef636e
SHA1

781d02ac875ed596498b51b07e7e784a30e06f3e
SHA256

c0ec2dd4c17bcaf84c3a4d8293f77f4ab7d8bd61af97edb6ae9bf19ddf0084eb
SHA512

16d85b038d6ac6dcbc80ae6be631dd07ead198172bf27aff9c23a0be092fe62ac2d414b5aa2a5b5d288bd01c1e189934eee9ada286f83fe1f133245b6587c972
SSDEEP

1536:qBqeQDTXJy2lNGshAZXFZAf9hjWJkvl0Kqdw/X2l:eiTXdGshw0eK95qoGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41eb5bc2499fcf71d2031740b4ef636e_JaffaCakes118

Files

41eb5bc2499fcf71d2031740b4ef636e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE