da17a79e9b973f430516eef78a3b34f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da17a79e9b973f430516eef78a3b34f3_JaffaCakes118
Size

93KB
MD5

da17a79e9b973f430516eef78a3b34f3
SHA1

b4b9c5bbdab517496e9d61be4463c2c8d7211d9f
SHA256

f28932557b72fbb2052baa65ea015f161347f9a49f492d294e962988b29a86f5
SHA512

af879e31a0ad78b0d216956071944d0d7149f17003cd2ede8f265b5781c681079affb2a096e52d666fc17c8c174be79866a0faa6e9a84670d06d329826bd3060
SSDEEP

1536:ky3pncgOrIFOOicuI/RYDpQWPabX4RfqydGr/iqMBKoYBb8:t3pVyooqRYDp2IRf+MBeW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da17a79e9b973f430516eef78a3b34f3_JaffaCakes118

Files

da17a79e9b973f430516eef78a3b34f3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ServiceMain
\wK}jnq{}
DoMainWork

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Share
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ