0154afff91273be1c4d5e83d74c506be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0154afff91273be1c4d5e83d74c506be_JaffaCakes118
Size

96KB
MD5

0154afff91273be1c4d5e83d74c506be
SHA1

7ff9c355cf4637ba20092ef0ff090fbd5c355eb7
SHA256

a5fe3f0ede1ed2264003f6d22003473a372738ba2718e615ff2433c3ac5deea6
SHA512

8517953d06b93e4d50267cc2f8c9fb28ac85521b234b74eb7c653eccdcb661167bd1b134b5a3e6f99a488e8c6af9e8394a56846cf20b91d46fdd225fddcf61cb
SSDEEP

1536:GPUZQ3xawGfOcnJ/n81oz4BjucXrNFKv8H7cGXTf:SU8IwFWJ/8W0BcvI7cGXTf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0154afff91273be1c4d5e83d74c506be_JaffaCakes118

Files

0154afff91273be1c4d5e83d74c506be_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ServiceMain
Qy001Service
Qy001DoMainWssk

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Share
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.mackt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE