15c01476bdc68a90c0a7740c348f5607_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15c01476bdc68a90c0a7740c348f5607_JaffaCakes118
Size

157KB
MD5

15c01476bdc68a90c0a7740c348f5607
SHA1

4d0a296969a1daabd20e16cc98daeec87d1a75b4
SHA256

2857ff17856781297020ccaadf706e86ec421c21dc98a3a7e07b907f5a99a074
SHA512

c67fe539ab207b89ece69f90944380751f31128528859ae23abb5dd79ef0c5ca7cb631106737b090d2aeaf4fdb45b560f52da52c70e1c03aa7824de33f5b82d9
SSDEEP

3072:2YQ3MGtmNM0tMkSVOKZzzdD37hAvVz47rSHJb1Sl44moq74EQXMmAIaZG9qyrw:Z9GAVXIZ3dczcSHvcm/74RMKFP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c01476bdc68a90c0a7740c348f5607_JaffaCakes118

Files

15c01476bdc68a90c0a7740c348f5607_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

RegwinPro
WLEventStart
WLEventStop

Sections

CODE
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ