5666959c8e8651e0aee591495244a2e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5666959c8e8651e0aee591495244a2e3_JaffaCakes118
Size

120KB
MD5

5666959c8e8651e0aee591495244a2e3
SHA1

0fee673c3eea928395ca91b8c29584d173d3368f
SHA256

d1f12d063418588064acd6beff54f5cb510b3ffe11a3232f84ff101c158389ee
SHA512

59a49ce2e2c986a4a08348094aecac9eca248f26a29b899a40e4c997cd20ae3cef1f3c6b915f55e0dda4861609d4c104d79f48a5a06cda1be1e2df67c9f367aa
SSDEEP

1536:vpq2QQzTa6+J9uafOmXOVv36v3qLqMtP5:nnzTkQKhXGf6v3qmMd5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5666959c8e8651e0aee591495244a2e3_JaffaCakes118

Files

5666959c8e8651e0aee591495244a2e3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpOff
JumpOn
ThreadPro

Sections

.Upack
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE