177c18eac26f781f366d73f3e99aa63a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

177c18eac26f781f366d73f3e99aa63a_JaffaCakes118
Size

655KB
MD5

177c18eac26f781f366d73f3e99aa63a
SHA1

157c316798b2a53b934ecfd00bdf6209e9fd0c6d
SHA256

c730e688166706b7f22cfe412779abae2135fcec7e99287708f1fb39b55d2631
SHA512

688f4cea10e464e444d64913e1fbcfa20dd781f4d515829d1ffa34db2c379fe968db0f8f803245a7b4ad1d5572cffea02ca43c59e5f9eb19b54b08582fad13b0
SSDEEP

12288:qdmHldG9b6P8j9UhgGSdv33OGpdC+cWZ3Nu3koHH9sDLDHHeIBv7pj:qQFdQeGuuGSuGW257qHQDneIBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
177c18eac26f781f366d73f3e99aa63a_JaffaCakes118

Files

177c18eac26f781f366d73f3e99aa63a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 518KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ