fa063ff991c08cd8b8ba289b221ac6d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa063ff991c08cd8b8ba289b221ac6d6_JaffaCakes118
Size

122KB
MD5

fa063ff991c08cd8b8ba289b221ac6d6
SHA1

f3d0daea9ec33d6352df6fa4b6732040010b7c29
SHA256

6f0c8fd4ebca7f38fc4a5cdca3825d667de43112f1a6110e117ddb7897edada2
SHA512

3b7ac99f11273884b3c5b3c745529dcacb0ed66b907713154132710a4892f3f2edea466bba3d8c9cfdecf65db902b2f6bf2a65795e9d9a492923a9c5757aee73
SSDEEP

1536:BEdkmBFv5srtU33n9g+ayE0mSOAW8L2kuZvw/5JOwv4KLc1tf9mmUpIIO/KBsC03:KnDvctUdFhWIfuZY/v4Eqmm1/Os15pm0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa063ff991c08cd8b8ba289b221ac6d6_JaffaCakes118

Files

fa063ff991c08cd8b8ba289b221ac6d6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

FriendEx
Install
ServiceMain
Unstallx

Sections

CODE
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ