ea16f4009782d1f9ffd51299efd56f3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea16f4009782d1f9ffd51299efd56f3b_JaffaCakes118
Size

118KB
MD5

ea16f4009782d1f9ffd51299efd56f3b
SHA1

54c9523083c4344f8486423f8d2ad6e54b973938
SHA256

605b5cdfac9d3bc1ac5726d0af5ce33b1962e296d7a152bc9d8e0be7307d9e65
SHA512

15be9bf9a53c8a1b038b1e6cd9697a2bf1282eebbfac6e99cf24b4d1b18fa590cc3e6f9da607a2f1ef7a28fbbc6edab3292ad45e04e110a738fe2e4c52a5f526
SSDEEP

1536:eH2ZHhb6GAYcblIYpB5ZlsbLSLOK4BpjfAIiao/HfmmNv:6cBb6GDKOYrObLSLO1Swo/eu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea16f4009782d1f9ffd51299efd56f3b_JaffaCakes118

Files

ea16f4009782d1f9ffd51299efd56f3b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Install
RundllInstall
RundllUninstall
ServiceMain

Sections

.nsp0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 58KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE