c1738a34469164fcba722846a4949a77_JaffaCakes118 | Triage

Sharing

General

Target

c1738a34469164fcba722846a4949a77_JaffaCakes118
Size

90KB
MD5

c1738a34469164fcba722846a4949a77
SHA1

72db665b08f1e90b1ace5d424ee7af20a654f9b2
SHA256

1aab7aa9f8dedee4d656a500dcdb68e31b37e257429030323c7717f0b209e058
SHA512

bdda1b2b29ce35c518d33d16a653a882a0859a51d8f7c6ac6bb8060b889f75536fdc2c924f6ede25fd15b651ae047d1f323766aa1eed1a4d2e3e537efc0e8ec8
SSDEEP

1536:buFzPhapYrxLwKqjMIMiFu4oOaSyjoJsz4rbaZo5lXoUn/Bn8xg5iWqU9gaFu4oH:buFzJapYNgjvTcU5szUbt//B8xd9ogaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1738a34469164fcba722846a4949a77_JaffaCakes118

Files

c1738a34469164fcba722846a4949a77_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

wo8
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qwwpiaco
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kgmwwnt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE