3757e1ac06e8069df199039dffb1ac18_JaffaCakes118 | Triage

Resubmissions

11/10/2024, 23:27

241011-3fr2hazemd 3

Sharing

Copy URL Twitter E-mail

General

Target

3757e1ac06e8069df199039dffb1ac18_JaffaCakes118
Size

72KB
MD5

3757e1ac06e8069df199039dffb1ac18
SHA1

fb56361263c36968239a686d3719f4b7fa0e8371
SHA256

6435c5e849db14167163366c69faae7242c36d585c7da4d1204b708ec250878a
SHA512

671b22e5de1008aa6e8094500dd336d3e6a07d24d67fb45bf5dd7540e98290ee02b76f08ddd14fccc636381a3024a9888bdc650b63fec2b57d209be1cc72668e
SSDEEP

1536:zPsX9v6oPlIVf1IFnToIf/EdHCUAZ8QAZdd+:z26JVf1ItTBf/EdHCUAZ8QAjd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3757e1ac06e8069df199039dffb1ac18_JaffaCakes118

Files

3757e1ac06e8069df199039dffb1ac18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Install
RundllInstall
RundllUninstall
ServiceMain

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ