8b13e2579e28ac3173bdf25d3dc9d0a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b13e2579e28ac3173bdf25d3dc9d0a3_JaffaCakes118
Size

208KB
MD5

8b13e2579e28ac3173bdf25d3dc9d0a3
SHA1

c1c0cc87de6cf8a784f23ad8d946512e4f9dc282
SHA256

aa8b67ac5e7231a3962759e79be1e28064543d07f1da75861ddd3f4d7f08e876
SHA512

b696da19c983aed38bff74ec7c12abc4e1ca7103ef3989b5a59f4daed8c7d21d5e9a4050ced1b2b1020676e73abbfa027df97dd5915544a444d6618c2bc9e1b6
SSDEEP

3072:ZW294DUjWQ+ixeqnQMfTZsKzQg15E6uyYKBK3mXeI87zbjqyORcfUTBKk6:ZWIxVsKznuQEmXv87zbjgRc8u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b13e2579e28ac3173bdf25d3dc9d0a3_JaffaCakes118

Files

8b13e2579e28ac3173bdf25d3dc9d0a3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

System.ServiceProcess.pdb

Sections

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.extrel
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ