5283c685cf9dfd3be38bcd4f123ca356_JaffaCakes118 | Triage

Sharing

General

Target

5283c685cf9dfd3be38bcd4f123ca356_JaffaCakes118
Size

120KB
MD5

5283c685cf9dfd3be38bcd4f123ca356
SHA1

0d859a331ec080b0e3d2aa736701553cc436565d
SHA256

e231ec8bc142e17fd94a98a136d66fd9593c2ea951dac80fb0eafa17cd1ddb0b
SHA512

51e926fdfe1a9bbce0980f31ec248db2373bd3192815faa084dece7c1f8f8f4f2d0749bab1f2658d39bba2cc48d3e0931719bd7315bf416e7bedfc24df82ede8
SSDEEP

1536:YVq0QBiiT9uCS2TWCZ1R7Nu+RmV+0jcfNIFDIMChv:u2iisCSd7+RmV+0jcfNmCB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5283c685cf9dfd3be38bcd4f123ca356_JaffaCakes118

Files

5283c685cf9dfd3be38bcd4f123ca356_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE