f85b2f099e2448dd5afc2589498ef329_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f85b2f099e2448dd5afc2589498ef329_JaffaCakes118
Size

148KB
MD5

f85b2f099e2448dd5afc2589498ef329
SHA1

c1e889f6883eb341c1463fd54bbc3a51a8c24f30
SHA256

8a6f2341b71ffccde95e617add951679dd0be4b9169e983b21bb4b2510f97eab
SHA512

0224c7ef740e2a159bc0b474203694ae896f521e2671b22cef1180664857ec76f844dd92467834c4c3c92d3b86d933e792b487f7582cd82f85be978de7db4dca
SSDEEP

3072:p/fa14YtsLNATXfwhUORoE2UuanonmnEntnpT9ai7jMBWrTBfmOYE4hn:FEsLNcXfK1oE2DanonmnEntnpL7w8rTS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f85b2f099e2448dd5afc2589498ef329_JaffaCakes118

Files

f85b2f099e2448dd5afc2589498ef329_JaffaCakes118
.dll windows:3 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DebugBreakpoint
DllCanUnloadNow
DllGetClassObject
Service
SpawnAndStart
Start
Uninstall

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 433B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ