fc28eacdcf5bf8e6e42609c8c29891c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc28eacdcf5bf8e6e42609c8c29891c6_JaffaCakes118
Size

97KB
MD5

fc28eacdcf5bf8e6e42609c8c29891c6
SHA1

354d634c595f2350c06456c75b94f0d9ac9d1e32
SHA256

45e177d22209cfd169ad3edfa55ea93158591f50d5119422788b5881b327c254
SHA512

da2d2b34f745f1bf6f58a381dc8ca83b0c670e4ee23ebe35bff0b5b29f93f8d8ad11c2d33f2e5235f7c4c4fb06007c3e53b0c92c5771a6b2760a73ce9b59a06d
SSDEEP

1536:/iM6w2tDJzQS70+LeAj0dz+nprIO2FnToIfuQ:qJzP0+LeAj0dzED2tTBfuQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc28eacdcf5bf8e6e42609c8c29891c6_JaffaCakes118

Files

fc28eacdcf5bf8e6e42609c8c29891c6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ServiceMain

Sections

CODE
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: