c0313c8556c275890f770ee8807a5a13_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0313c8556c275890f770ee8807a5a13_JaffaCakes118
Size

21KB
MD5

c0313c8556c275890f770ee8807a5a13
SHA1

0191ebc4d9f0ba731af3fa5906257d4fd6139800
SHA256

14a786ce1552229d25b8af32c06d90f6c7489384335e500b5395a57307f7d329
SHA512

b40e696c5f34562c28c438250bd2f0637ead2d1ad409d91c6fa2b0484883f5eae0cf38e714c6088e5395ba0fb3c8b20b69a475bdf76ff25c6a2c78d4cca374a1
SSDEEP

384:6aDOczrVipIh978wml0kb7q6k3ao8xtEAK/0QMFWtRCc1/wujDrf:3DOMfd6kXXMsvDrf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0313c8556c275890f770ee8807a5a13_JaffaCakes118

Files

c0313c8556c275890f770ee8807a5a13_JaffaCakes118
.dll windows:4 windows x86 arch:x86

053607fbd6ad825682a091bfa7ce266e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
GetFileSize
VirtualFree
CreateFileMappingA
VirtualAlloc
GetModuleFileNameA
CreateFileA

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus

Exports

Exports

DllEntry
ServiceMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 449B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 122B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ