a3def3e12a960acc6371389d3489caab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3def3e12a960acc6371389d3489caab_JaffaCakes118
Size

132KB
MD5

a3def3e12a960acc6371389d3489caab
SHA1

467ef7c07817483d056c022e9d44402e4e9de925
SHA256

d9e288bd2b4eedfaa3965d774c6be830e8935a82177cb72afa6f6219bba72947
SHA512

36a02db26e15013957a93eab50b6b14ce64f9cc89605b28a6653bf7556211a58bbdc6b79324c50ccfae8a518aa602f784de6c26862182f97c6f0a713d86d0da2
SSDEEP

1536:lFt6baQcgC+Im6O4cuI/0xOqcAmqAzg4SoTFOhr/X4qz8OputLN9GkvK3:l76bBL5Kq0xOwMRSoGstLNW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3def3e12a960acc6371389d3489caab_JaffaCakes118

Files

a3def3e12a960acc6371389d3489caab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

gytfredwse
ServiceMain
rftgyhujk

Sections

.erdf
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edrft
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rtyhgj
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE