5e8d0a7aa0f6803196118e1d7f4d6f49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e8d0a7aa0f6803196118e1d7f4d6f49_JaffaCakes118
Size

204KB
MD5

5e8d0a7aa0f6803196118e1d7f4d6f49
SHA1

36afcf1680040ca188bbd8dfb86b7406f58cec8c
SHA256

6e995eb03cf971bbd64a50d6f4cbba724a5c15437b0665eb74e3f7eea27f2fce
SHA512

7a11302d726c715429eca72c218500ed99d46b9804b010a47a5ebf6be9e88ef3c7091b3a1959f3295425d496dd78bec26ffc587a1d56dd9acabd41e28c62f0fa
SSDEEP

3072:82bnxWI5H1g0i6pKDy91Pp+IOSbITrseUN/LPcrqZvgShQIBoZQVvBYaENMh0hQt:1Tk6yV61ncClfhQIB611q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e8d0a7aa0f6803196118e1d7f4d6f49_JaffaCakes118

Files

5e8d0a7aa0f6803196118e1d7f4d6f49_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ServiceMain
bfg_Entry

Sections

CODE
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ