dbc3fdde06cb7f304c9e31c908b51249_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbc3fdde06cb7f304c9e31c908b51249_JaffaCakes118
Size

12KB
MD5

dbc3fdde06cb7f304c9e31c908b51249
SHA1

642d7136acb2350829b02447a00480fb68e90380
SHA256

028031edd34ec21df5f60f7439d672e22465189d441703b3c025069144e11e42
SHA512

2996cc9851e25288f589f40bf7a021872c419e115e1a44d7a83c9ec810e16549ea046861c4b5a5b5f0506a09f42e7f05341270eebad0a51058b64dbee9d935c5
SSDEEP

192:JLL031vl6ntMxe2DtCA3sdsSRqIgCWcAof9HNP/cqP+DCrXCXABge:l0Jl6tMxe2Q5dsSgA8opNPkC+DCry7e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbc3fdde06cb7f304c9e31c908b51249_JaffaCakes118

Files

dbc3fdde06cb7f304c9e31c908b51249_JaffaCakes118
.dll windows:1 windows x86 arch:x86

eae17992ea7471b923893a70df25f934

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

sashost

vzstndx
vrgtsub
viidb2g
viloadv
vilcl2g
vzstcat
vzstrns
vzstrip
vztxxlt
vtgxlcb
visetupds

sabxkrn

ywocget
ypdest
yppmsg
ypplog
yppprn
yprlog
yprstr
ypmstr
ypinit
yexit
ymfree
ympoold
ypmlog
ympoolc
ymalloc

sabxshl

yspproc
ysssem
ytok
yttpshb
yttksp
yttpshi
ytrakcp
yhqrel
ytrakdp

sabxdm

yudrcmd
yunxcmd
yugtcbp

Exports

Exports

MCB_SASIMPOR

Sections

.text
Size: 7KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ