1276de127ffe09fb259e6fa3fe95cced_JaffaCakes118 | Triage

Sharing

General

Target

1276de127ffe09fb259e6fa3fe95cced_JaffaCakes118
Size

1.9MB
MD5

1276de127ffe09fb259e6fa3fe95cced
SHA1

3bd68d4cf24dd5829055651be9a719c1484a4c7e
SHA256

2126432b5016f477269c471db5d1cde677d78f9b46b946b85fb3744b9143e4d3
SHA512

eb2154089733f87abda07c57084cec09ea8f7b7ced248a1f6ee793534283b937071340b559df0e4c8407c5ab6b4867cacdd1ee4c16c3b53c6396f8728bcdc638
SSDEEP

3072:Oc8d7JiFHPiQzTYWT9eodH4MiEzhl5pa9LLBSMH3HKRucQXlHbjQbj:ApwxuoOMTlm9LL1H3HBcs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1276de127ffe09fb259e6fa3fe95cced_JaffaCakes118

Files

1276de127ffe09fb259e6fa3fe95cced_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

RunAs
SensNotifyNetconEvent
SensNotifyRasEvent
SensNotifyWinlogonEvent
ServiceMain
StartAs

Sections

CODE
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 205B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ