fb01b7ddb957b8c7cae0feec236cad23_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb01b7ddb957b8c7cae0feec236cad23_JaffaCakes118
Size

254KB
MD5

fb01b7ddb957b8c7cae0feec236cad23
SHA1

a4ac3ed1f4b2692e2e6db32d552c9fa08845d895
SHA256

c037eae36dafded4ad4fefb674cb1dccb1bbd494ddc68fddc099e151057c44d6
SHA512

a3c570df8992c75401bd2a99e2b03e682b6e99c1c1bc941bedee69f258d9e2c74aef7b94ba72ce81dde640b85dbd3ab21dcdc82d57ee29d41f4915da4ee5d7f0
SSDEEP

6144:jnt5bgKcaHG6DEALBpY/l6HJsU7y7ea+m+Ew3qGSaH5p:jHbglapTrIMWjea6Ew6G9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb01b7ddb957b8c7cae0feec236cad23_JaffaCakes118

Files

fb01b7ddb957b8c7cae0feec236cad23_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
InitSecurityInterfaceW
LsaApCallPackage
LsaApCallPackagePassthrough
LsaApCallPackageUntrusted
LsaApInitializePackage
LsaApLogonTerminated
LsaApLogonUser
LsaApLogonUserEx
SpInitialize
c
f
o
s

Sections

��
Size: 512B - Virtual size: 392KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�
Size: 242KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ