ebad218107563e144ab0028116c4cf1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebad218107563e144ab0028116c4cf1c_JaffaCakes118
Size

93KB
MD5

ebad218107563e144ab0028116c4cf1c
SHA1

0392e63c67fb1d922c034f3a7311767237bad039
SHA256

3fc891b79fda7cee639030b3d982054fa1acce82d3ad55178c24a8537a7045fd
SHA512

97cce405c95cf8c2d4ed31edaccc271ac0919eab22b6afd19db5a51edda2968bdbf37b8d27577ef7e2a80d5c70cd38c8f98b8f0d632fb3bd744c904c62958beb
SSDEEP

1536:oN2gEJZOKwuNhI2H5lYXRIMQ7PKY8SZLy26VyJin/jom6F+diiP3ZjPN6R5+27K7:oNpEJZOKRhlgVrQUVwincm6QdiiRF8DO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebad218107563e144ab0028116c4cf1c_JaffaCakes118

Files

ebad218107563e144ab0028116c4cf1c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllRegisterServer
ServiceHandler
ServiceMain

Sections

.Upx0
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Upx1
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Upx2
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE