64603f2dd4110e288fb703e7ab7e66a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64603f2dd4110e288fb703e7ab7e66a7_JaffaCakes118
Size

96KB
MD5

64603f2dd4110e288fb703e7ab7e66a7
SHA1

37514dbb7c53c4bb32f26d80e65e56d8ea6bf1d7
SHA256

7710ffff0718241b33f4647b75f5b42542d80908909c3d51785ba6cc31ae3a85
SHA512

475b4a3ccc8303ec94662f37166a0723101632ed8ae42d364f7ebc2d1f69ef1383a4f0234fde803a2f99e06a3b39f21ab9eea2422054a868ce8a699f2263116a
SSDEEP

768:Hhnwici/mtQOC1mo3+FdBRp19ya9oSJ2L8n8R3q4rNTfuvr2iACgR+1mVaFmnvaU:qPltQ3xavafOcnJt0zTMz4BjucXrt9U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64603f2dd4110e288fb703e7ab7e66a7_JaffaCakes118

Files

64603f2dd4110e288fb703e7ab7e66a7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Qy001DoMainWsss
Qy001Serviie
ServiceMain

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Share
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ