3cc6196d1a3ce6599f69e87a61126a3d_JaffaCakes118 | Triage

Sharing

General

Target

3cc6196d1a3ce6599f69e87a61126a3d_JaffaCakes118
Size

31KB
MD5

3cc6196d1a3ce6599f69e87a61126a3d
SHA1

1ed3057ebf5a7f0839cefa12a3de5a94f4acbc42
SHA256

cc0c84311b14ce0ebdd185e656986cb2d6fe10e49ed4bbb82179a525cc9091f4
SHA512

5375fcca5213ab947c89329c47f0ad9b9c5f8ef6d07696e3a2eb8449236fefc17657ebe8909175d06c26df37c9721432b6029b2b537b32c1f100d60a8640708e
SSDEEP

768:S/PMpN2czjvKdwdrKQBzYpTJxl/D8S/FGDZq:S/01zjvKmr1KpTJLDJmQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc6196d1a3ce6599f69e87a61126a3d_JaffaCakes118

Files

3cc6196d1a3ce6599f69e87a61126a3d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

?g_dwOperation@@3KA
?g_dwTargetPID@@3KA
FlushBuffer
Init
SM
WLEvtLock
WLEvtLogoff
WLEvtLogon
WLEvtShutdown
WLEvtStartScreenSaver
WLEvtStartup
WLEvtStopScreenSaver
WLEvtUnlock

Sections

.text
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE