67dad7d70b68932feda9b275694e942f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67dad7d70b68932feda9b275694e942f_JaffaCakes118
Size

160KB
MD5

67dad7d70b68932feda9b275694e942f
SHA1

442ad3a682efae6ba09c8bb6732148cd2a88d436
SHA256

c4ccb78174f4a37d724a1472fe379b8788d66f84d82dc1287080e4221a5197ee
SHA512

0411445638e463b6c9e8550d04b5caf1a4c868235118df707a9749adb2160e6cf34d4d5f356739dce13965850b4956a13eeaa36e91e40c60722e8b5750d18425
SSDEEP

3072:LLnHyY6VXw+h5raUOYQc3uCgPFuDa9ZXiYHgT1G0XGwg6:XyYgLQc3uCg9u2PBHgJGbH6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67dad7d70b68932feda9b275694e942f_JaffaCakes118

Files

67dad7d70b68932feda9b275694e942f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

InstallRt
InstallSA
InstallSB
InstallServiceA
InstallServiceB
PSLIST
ServiceMain
UninstallRT
UninstallSA
UninstallSB
UninstallServiceA
UninstallServiceB

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xdoors_d
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

NewSec
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE