16128e5279e873a54d7bb827303a1126_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16128e5279e873a54d7bb827303a1126_JaffaCakes118
Size

599KB
MD5

16128e5279e873a54d7bb827303a1126
SHA1

a54c735e812c8c4e2791e3ec171d7dbcce761098
SHA256

c77c3fba1c444a2462efdbccf953da8e7840d52a266e907786ff777e4fd8df55
SHA512

43c105fb134fbaf6ed2d0e80becfc3868bcd7a57192516f5f60a149e6ccbfad5c76ce758f5ae7a16ed544be820c7950beabe4c0af01027bcdb7f3378c89bf434
SSDEEP

12288:VviGqB8vFJySCXSs9/NAolnnMATPDrSu9LRahAZYSJXkJs:V6Gw8Ty3XXplnjPOu9LRah7CX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16128e5279e873a54d7bb827303a1126_JaffaCakes118

Files

16128e5279e873a54d7bb827303a1126_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ