15e91c017bb2cf299dae9cf339ede762_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15e91c017bb2cf299dae9cf339ede762_JaffaCakes118
Size

80KB
MD5

15e91c017bb2cf299dae9cf339ede762
SHA1

d48aacafd16051416d4e41dd9b45fe550c6b4b6f
SHA256

e7ac4f3922e1153f3589d8e2515b3a1bd97dacbc8bd622b55c398417858f5a03
SHA512

39313ca0fecebd36d1b09d67b8d6470c7c2ee608a2fc9a6a606050cbb541e4d03c19826468f1e63885c1554c570a492535304bd77c322b2e8be4a9a8c5659903
SSDEEP

768:2SFH1UlK7X2kqNNawhvgYu8yCp/GnpU4+MDlh0PEwdPckW8janJpoGxPTwg+H:2YH1UGQN36Yb/WWMD4PEqPWJGYTwg+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15e91c017bb2cf299dae9cf339ede762_JaffaCakes118

Files

15e91c017bb2cf299dae9cf339ede762_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Install
InstallSvchost
Run
ServiceMain
Uninstall
UninstallSvchost

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ