b465d085a5da180419c18489a943aa3a_JaffaCakes118 | Triage

Sharing

General

Target

b465d085a5da180419c18489a943aa3a_JaffaCakes118
Size

36KB
MD5

b465d085a5da180419c18489a943aa3a
SHA1

dab29263321d444196bd7c943023aa78ca580296
SHA256

b5cf2e43120070d3c99539f114b06e361c60af72678461fd1898827d05beca35
SHA512

d7d566c41c1f6760643bd06cf3a0353b3e4c2f5b0c232c7a6970b7abf55d4fc52ac6d6230078c690bd00081f3bbfa5b5a11fac8ae49f3e6577e1e93c63937dc1
SSDEEP

384:AVqmm5MFlu0TTMFOimi/rCS+fztUmTQWOJW:mm5BV4KTGxP8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b465d085a5da180419c18489a943aa3a_JaffaCakes118

Files

b465d085a5da180419c18489a943aa3a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

89bc6ed09a6f21802eae94445463bc14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

msvcrt

_adjust_fdiv
_initterm
free
malloc

Exports

Exports

R
ServiceMain

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ