fb8a3011789ac753e6171f939e45a9ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb8a3011789ac753e6171f939e45a9ac_JaffaCakes118
Size

144KB
MD5

fb8a3011789ac753e6171f939e45a9ac
SHA1

cbdaea2c8074210167a4d3477ab67fbc333fb136
SHA256

02387428d4be6dc6496b4c3ac043a1567238c8ad770fd40200337f99385ee4e7
SHA512

56850bb3414417e240b1378af1cdc3401d95746e8903546822cc17d290f8cc0ad63771540c84c96f6d7797139aa4b140d00a76dd3d72c644147cdef5267da145
SSDEEP

3072:LtsxYQz6+nr/jQGUHyxIi9HafWt0fKbPILL+Z:L+x3rbQGUSii9HcK0fqIOZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb8a3011789ac753e6171f939e45a9ac_JaffaCakes118

Files

fb8a3011789ac753e6171f939e45a9ac_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DelSer
ServiceMain
Setup

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MaskPE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ