5b6a8394154701bfb314e5a5be2abe23_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b6a8394154701bfb314e5a5be2abe23_JaffaCakes118
Size

56KB
MD5

5b6a8394154701bfb314e5a5be2abe23
SHA1

1c4ac7089d809cc448b27daa5fffad93b6a7f67b
SHA256

05bccfa6019f3c1603db00cbda97ff633d8c96764d4b719e4b19024a7b62b391
SHA512

8b0037a15c02ba5e6caa72d9e41fffd3c633bfea594a7ef0abaced2dc4e834d0bc13958628a40ec9c7809131c661f65979fffaa2f04110a9eda85223afed227a
SSDEEP

1536:n7JYTcyRU7/YEo5P249kltyLe9XSH3NLNF8P9NEXaczFo:n7JYTbUbhEP249klee6HFyEzy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b6a8394154701bfb314e5a5be2abe23_JaffaCakes118

Files

5b6a8394154701bfb314e5a5be2abe23_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DelSer
ServiceMain
Setup

Sections

.Red0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Red1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Red2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Red3
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Red4
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE