37df07224560b97aea1528fae3789f7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37df07224560b97aea1528fae3789f7f_JaffaCakes118
Size

317KB
MD5

37df07224560b97aea1528fae3789f7f
SHA1

2107bb06dd72d1d0349d51b850b4c2958f7647db
SHA256

cb579078dc823e6e839520c796139fb2ff6b421294f334d550591c492b4ed62d
SHA512

37dd8cab64ebe9044d0888a3e1c4a1d01074818b32b289980e13f9a91c6b9d888446f207478d80bd67a31d3d5077e1ed0af359b1cbf4c4e289b57b09bc7da3e9
SSDEEP

6144:TN6Kdzf78bCkVpl4nDWgRAkPHGQn8xID0DMFXPbG9W+Zc2LGZcL5Ubb/Ov:pbNYb5VyR3PHGLxe0DsTwLZc8GZU5uQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37df07224560b97aea1528fae3789f7f_JaffaCakes118

Files

37df07224560b97aea1528fae3789f7f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllMain
Install
ServiceMain
ShellMain
ShellMainThread
UnInstall
zxFunction001

Sections

.textbss
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 99B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 201B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ