5322bf5c4e62be99dd94eed0ce0f30a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5322bf5c4e62be99dd94eed0ce0f30a3_JaffaCakes118
Size

120KB
MD5

5322bf5c4e62be99dd94eed0ce0f30a3
SHA1

5d483c8c9392599dc47d829078372dcf49d85a5e
SHA256

dbb0b639d18d61541ae75307f1a7c36efd5a6544f4e46dadb4b33580ebd7ebcc
SHA512

5f240abbb9f5eab7a634aa6372a1e7a89f98495362f215a7e2601f91f03d3464994cb051a02054fc4c58af387642f894de1ab95a535490610b8bc9b41da07317
SSDEEP

768:Xy5q4QGnoI2PHJdvrGFT72G3qnZ/lJzgr9rqQD+AfqkQwEANiBqCXpqR:i5q4QctGTe7O/PUrrD+Sq+gqCXpqR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5322bf5c4e62be99dd94eed0ce0f30a3_JaffaCakes118

Files

5322bf5c4e62be99dd94eed0ce0f30a3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE