bf49a0deb4a64df2e6bbfbd8a58358d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf49a0deb4a64df2e6bbfbd8a58358d5_JaffaCakes118
Size

241KB
MD5

bf49a0deb4a64df2e6bbfbd8a58358d5
SHA1

70d0fe4e87510ddc7355feb8bc7a99d1aaad723d
SHA256

67ce862aedf2c9c9be512ddcda3f074d23f4b5b8b853ebd84a43a6cd7c86d08f
SHA512

4ffb7609a85f5865c3a7103405e2c88fe58fdf01902b11b8bb19d5b3e69aa4cd160c7048769c46a9e696dc2ddcc08aff3f53820c44089b7fe2aed31d228ea3ab
SSDEEP

6144:H4VxH7TQHWTgiBkSMYP+mjBe+DYxS0kr5de:MFMqgiBJhjBe+DYED

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf49a0deb4a64df2e6bbfbd8a58358d5_JaffaCakes118

Files

bf49a0deb4a64df2e6bbfbd8a58358d5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ConServerDllInitialization
UserServerDllInitialization
_UserSoundSentry
_UserTestTokenForInteractive

Sections

CODE
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ