fc2d286f07705a305ab99b137d9be0de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc2d286f07705a305ab99b137d9be0de_JaffaCakes118
Size

141KB
MD5

fc2d286f07705a305ab99b137d9be0de
SHA1

0a89dff1ac4e0030dc4f185e9da2896406aaecf6
SHA256

47b9050aaddb2d40a8728fe8fcbb16cc02256a24623df351ba9b5f425eab6e95
SHA512

d06858617fb7f462efc0ddbfce7827371939b2cf9fa7115eff49ce7094e69de067039709875dad5818c6a8b9115f9e65a72549972201cb16b99a3d15ce6ce817
SSDEEP

3072:079ggURWlev29Hpu/D25cbwiFCRfXs31aIecvvxz27:079g3kl/5c80CRfcxecvZz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc2d286f07705a305ab99b137d9be0de_JaffaCakes118

Files

fc2d286f07705a305ab99b137d9be0de_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ResetSSDT
ServiceMain

Sections

�Tu;0
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�Tu;1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�Tu;2
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�Tu;3
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�Tu;4
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE