fa48fbbb15b345459a6c59ad00104ccd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa48fbbb15b345459a6c59ad00104ccd_JaffaCakes118
Size

160KB
MD5

fa48fbbb15b345459a6c59ad00104ccd
SHA1

7a9a630118edc78c447bf9075ab0adf57fb62652
SHA256

d707fcf19a608125e743755f1e898c07727067bdbb9bfa62b62f2b250bc810b2
SHA512

64d1c6cddb7175070ddde3284853a691b18b4813ea27f1ea0a04f76f8174e2cf1e737f7a842a9edf4eaf3076c287921c91695482802dcad2cee617a0cd46f281
SSDEEP

3072:TyxH4nDbfagCqKZk5yY/rWnuzWqqxt9oUD/9hQfx2/xr6qIDBIb2cpYAnN4Hs:k4nDWgRAkPrEuKqqb9P9W3k2AnT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa48fbbb15b345459a6c59ad00104ccd_JaffaCakes118

Files

fa48fbbb15b345459a6c59ad00104ccd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BITSAlloc
BITSFree
BITSServiceMain
BytesRemainingInCurrentRange
CNestedImpersonation
CalculateBytesTotal
DllRegisterServer
DllUnregisterServer
EmptyString
Find
FindInterfaceIndex
GetSubRanges
HostFromProxyDescription
MyLive
PROXY_SETTINGS_CONTAINER

Sections

.textbss
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 370B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 447B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ