fd6e37100f2091a64738780c0fa444ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd6e37100f2091a64738780c0fa444ee_JaffaCakes118
Size

132KB
MD5

fd6e37100f2091a64738780c0fa444ee
SHA1

c7c334244d14f5d9c0a51dd3d42038860b193aee
SHA256

09c7c75446aa24387cdc7cc9d14b2a4988d2f5efd29ddf3516574c0cf7b9a4bb
SHA512

0d3d2c4a2b686c6d2016174e99e67d65ae6e304c7328d8363e91c8a3f1a31a944fb86a098312906fd20b5d250ab68abbf6bf7c59d4c00488e468122ee38a5091
SSDEEP

3072:aIXH5OsYaFREidoCoz/775LxM8NUSySiPNVuSvPgrkkklZ:3XHkFafEieCoDVimSQAZlZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd6e37100f2091a64738780c0fa444ee_JaffaCakes118

Files

fd6e37100f2091a64738780c0fa444ee_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d71ff74ccfe699004afc74c243196b27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

4fbdsv984o.pdb

Imports

advapi32

AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetFileSecurityA

version

GetFileVersionInfoA

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ