39f68a9635afb08f8ff4bdd4c6bda80e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39f68a9635afb08f8ff4bdd4c6bda80e_JaffaCakes118
Size

57KB
MD5

39f68a9635afb08f8ff4bdd4c6bda80e
SHA1

01ec6482b92184c9a47092d990bb9991aebdfd5e
SHA256

1be268af1c9c6ead16de1cf5b92d52b23c90ed0e307c73d0e914181d821433bd
SHA512

39ccb2b068e25e4438ce1a7d21d3f2a4b17a54281531c800bdf7a6b53c2b62db5ee7befe0636cb07b1b74c2c66c1d2afaa18a009fb93f71fb1001eb00b9ffe84
SSDEEP

768:87v7/zH91MIGIbUh9XPbms9+mZbVYmMtRqVcYsihVVxr+AQM8E1cMSQ1o/CaaR:EvDz08bQ9XPbmgBVC0Vcni4MXRt5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f68a9635afb08f8ff4bdd4c6bda80e_JaffaCakes118

Files

39f68a9635afb08f8ff4bdd4c6bda80e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Exports

Exports

terlockend
ServiceDo
ServiceMain

Sections

.text
Size: 26KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gffdg
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vfbgf
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NewSec
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdtts
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE