3b6a768e65b237636fa2c192f7252708_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b6a768e65b237636fa2c192f7252708_JaffaCakes118
Size

35KB
MD5

3b6a768e65b237636fa2c192f7252708
SHA1

131295da86e3f7b076c6f76089a35f44e3e8e5ae
SHA256

d856eea0938efb2c5489c8e2990ad22df52f1342147ff9a1f7d2f3ce2a1f97ac
SHA512

e1526f8fa156511daf27aeaff9ccb17e17c0fc59858fcc93c071d8fd8905ff7e3070e5a4e99770769044d694be069c6d18cc14ba598b53f62a1d011e29782913
SSDEEP

768:FtS1C239uBZZvyg1RcFQD8oVgUTopJRLtrdG639Bq75HvuP/0c:FL2sZFZ1OKTrTopJltU6zqtH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6a768e65b237636fa2c192f7252708_JaffaCakes118

Files

3b6a768e65b237636fa2c192f7252708_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Qy001DoMainWssk
Qy001Service
ServiceMain

Sections

.nsp0
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE