36d53b42b42960616c671db9be7c1de6_JaffaCakes118 | Triage

Sharing

General

Target

36d53b42b42960616c671db9be7c1de6_JaffaCakes118
Size

347KB
MD5

36d53b42b42960616c671db9be7c1de6
SHA1

78e29ea65dce415c2c00e3ab567047102e72569b
SHA256

1e026f3bd35bc53820eb341e3512740ce10b403545e9c6131853ab3437ba791f
SHA512

2a0a10f826f6501549968196013f80935aee7e338e17c32ad2dc8b4475c607a2f3d5a45b3911e548e009b2a3245804b839e2682e527f92ddcc096cf2cbdab0ca
SSDEEP

6144:WHxFXnrAMCqg7ozwVMLooemtXoGTJwK+yftRwC7lO/yn:EeHEjeCXoGKKztj7J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36d53b42b42960616c671db9be7c1de6_JaffaCakes118

Files

36d53b42b42960616c671db9be7c1de6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SchedServiceMain
ServiceMain
SvchostEntry_W32Time
abc
explore

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ