b7f46bd7c2dfa197c036f7ab992f328e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7f46bd7c2dfa197c036f7ab992f328e_JaffaCakes118
Size

166KB
MD5

b7f46bd7c2dfa197c036f7ab992f328e
SHA1

fcc8e584cae74201d292b97af596e0cfec0e6971
SHA256

4fc6cf84c6ee539a7aee23c0256791bce0f83c1378ac0ae6583bc48540e5e473
SHA512

37fd1d711ab35082384582b702f21bbef949f54dcfd3fa80afa439e51681ff21a2ea1c8c53bd34f8b9d109855ed3c71a4f693f2c3a3bde4db871e98897779724
SSDEEP

3072:30f/ngJa3Gy2WEmawfrN/HcCWJ00kIq9nSey2jaLTgXzacMV4qRN/r:Ef/ngJOGy2WB/8CGYIqdS8Xz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7f46bd7c2dfa197c036f7ab992f328e_JaffaCakes118

Files

b7f46bd7c2dfa197c036f7ab992f328e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

604af5cd27fa86801742fdf7dd75fd6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

NtClose

basesrv

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Exports

Exports

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Sections

.text
Size: 164KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ