7817c0428c2408d63e38aa3d176e736a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7817c0428c2408d63e38aa3d176e736a_JaffaCakes118
Size

702KB
MD5

7817c0428c2408d63e38aa3d176e736a
SHA1

c6c9555f3628889c9657ff254cb5949eed7397ed
SHA256

af1b305c834eac962129888163df1903c2bc314e01a245c42e4dabc589d95bd9
SHA512

17cfb539e907d68e2612e4e97900ef349734d137dddc09d41b77ec0953f6095d4e159d22d2ef22825174ad98f8041be3db59eb3094fa46e8f36c908bac5178c5
SSDEEP

12288:KzEWPHy5V2beMACDfGeDn9vjgCTbXH6yL27Bcm76GX2lH/yff6a:KzEWPHyH6D/Dn1k4Xp4T6GK/yd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7817c0428c2408d63e38aa3d176e736a_JaffaCakes118

Files

7817c0428c2408d63e38aa3d176e736a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.nsp0
Size: - Virtual size: 14.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 701KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE