b15a1af2fae0235a7807373f6971cbb4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b15a1af2fae0235a7807373f6971cbb4_JaffaCakes118
Size

144KB
MD5

b15a1af2fae0235a7807373f6971cbb4
SHA1

580791b266685c8deeb6068eeedf3c6da769f234
SHA256

d45324d5cb7d39e0c1339cfd58555bffbf256e7117384f164c40a3bdc3a4e845
SHA512

13a2d277cda42875ab6d8892bdb5d12d2496e84ca2ab34a5d2b6406719ac5c5bbe34f76f65dcf6ef2fec0061512994c39874b23ab1284912698889400375625a
SSDEEP

3072:W82+KspDBZWanCvZjVdOcgI+x/RnHn9nEnGnTn++ly9c+jKrX/TBflOW5zej:3nrCRZdOrI+x/tHn9nEnGnTn+9eT/TBk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b15a1af2fae0235a7807373f6971cbb4_JaffaCakes118

Files

b15a1af2fae0235a7807373f6971cbb4_JaffaCakes118
.dll windows:3 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DebugBreakpoint
DllCanUnloadNow
DllGetClassObject
Service
SpawnAndStart
Start
Uninstall

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 433B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ