bf7c4390530227a8659723abac0a112d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf7c4390530227a8659723abac0a112d_JaffaCakes118
Size

88KB
MD5

bf7c4390530227a8659723abac0a112d
SHA1

3b82b9116ed17caaf63173afb7dc4729e1c3b34a
SHA256

4177f8ab401b85dc838bacfe70a8b85e1335a90693df968f50765997ec4fb2a1
SHA512

544ca87e9be4f5b081c04ad55485b8e01dabc2f7b462d823cf685802df47ee2d267d6ec7fbcd098399c857c18e775d6a0105a16f8e30c9bfa6cf4c36521a2f17
SSDEEP

1536:A8uAwslrMvSWd597rPIikfD5xrSn8VQqV90VX6ESuxBbwa/Dtg8Urza23SvdfjzF:A8vDlrMvxdPnkfXW8mikxlTG8U73Sv1d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7c4390530227a8659723abac0a112d_JaffaCakes118

Files

bf7c4390530227a8659723abac0a112d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DelSer
ServiceMain
Setup

Sections

Size: - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ