aa2b7f5e88175f433a355e64c1dbdd7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa2b7f5e88175f433a355e64c1dbdd7d_JaffaCakes118
Size

169KB
MD5

aa2b7f5e88175f433a355e64c1dbdd7d
SHA1

f53c523a049bec5740beec5fab67b79e6d1c4f02
SHA256

e9059d9356a9718177b492f8a0fa6ed1a0937751974f1aa1dbb3c34af914a14d
SHA512

9f9faad94d04c4cc684be85696015fd91b7c6b5b826c18ea921ade173947f00e66074b856d722b0771b8a7dd6d5bb4976e0ae6cf1d32e1105523b25d6391c27c
SSDEEP

3072:yLWbnxSZIAWn1AUC6pKDy91Pp+IuS7oTLs+0t/LvQdLq5SE4kRU09dHOIiKEX5QD:pTUZDWyV61n8iFMFf09dHOIiKEX5QuPn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa2b7f5e88175f433a355e64c1dbdd7d_JaffaCakes118

Files

aa2b7f5e88175f433a355e64c1dbdd7d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ServiceMain
bfg_Entry

Sections

CODE
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ