16e44c67735c68ccf78eb60abf0a2b5e_JaffaCakes118 | Triage

Sharing

General

Target

16e44c67735c68ccf78eb60abf0a2b5e_JaffaCakes118
Size

80KB
MD5

16e44c67735c68ccf78eb60abf0a2b5e
SHA1

b337cb89d3b71e71d6da340135c5e704a1326db8
SHA256

130203abf5c9e5af5d598f8a190457a7298735e07d7b0c43a8793c82e6fd7d67
SHA512

41bf087f32a40f31984623df98307048ced8ff74ca5b2f9d0955ace00159847f271a8fe527e55787ebad21982697134be645ceff9a36dd16192b78e26c9c2f31
SSDEEP

1536:HwUPYbB9fyHuX05mBTJxu1UjQ+0KJGUOgbOT2MKAyj+V+P:QUwbBlyHuX0U9xuWQ/KJgqaKvW+P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16e44c67735c68ccf78eb60abf0a2b5e_JaffaCakes118

Files

16e44c67735c68ccf78eb60abf0a2b5e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

cvduat
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hvz
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ubpw
Size: 624B - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE