3694857a81c16e80e8a335137717ec32_JaffaCakes118 | Triage

Sharing

General

Target

3694857a81c16e80e8a335137717ec32_JaffaCakes118
Size

93KB
MD5

3694857a81c16e80e8a335137717ec32
SHA1

94be33fa6d0f9b6e6070187f7e913919b08069a1
SHA256

0d2598e3012f140038ec37a39f7a5110db3c6e46e9e73de09c83e5febe33d3ac
SHA512

c76ac0265fd5697ac4aa76c7e258cd01b82218d8121ff151ba54ab481f9143b46779181324d2feab151ff3a369dc71f4e3d476399d612d2814020ff0a40acbc9
SSDEEP

768:R7n7CjoN5rc4xY0+VR6SANdDid4es7FD729Qas0DHSNfO:R77O85o4xY0IqS4esBD7Cjp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3694857a81c16e80e8a335137717ec32_JaffaCakes118

Files

3694857a81c16e80e8a335137717ec32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ServiceMain
ResetLMWH

Sections

.nsp0
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE