16b8e5fcf5ec50f8f4b5ae6b971b53a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16b8e5fcf5ec50f8f4b5ae6b971b53a2_JaffaCakes118
Size

1.1MB
MD5

16b8e5fcf5ec50f8f4b5ae6b971b53a2
SHA1

993e7fa459b3e526984319b418b17b1493764d59
SHA256

17d52c697831e5c238a380319ce5b3c1e186a8f87e2c68d16b13a1651b466bcf
SHA512

cc37a9da31637c6ff863a01e3561c3dbcc806a1147abdc87b3b76b0cf438dfec643a85a2318b4787a5a0804ed4d669d5e74a20ce269f2c581b74ead944221d3d
SSDEEP

24576:SMpZ4OxwR1QcQq/W7ihb4bPWmBLXvPmVpTrdzjs00i:SuNZ7Ib8ZBL2/Xx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b8e5fcf5ec50f8f4b5ae6b971b53a2_JaffaCakes118

Files

16b8e5fcf5ec50f8f4b5ae6b971b53a2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllRegisterServer
ServiceMain

Sections

CODE
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ