3b43f8712b2e310cc5f706873ebaf0e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b43f8712b2e310cc5f706873ebaf0e4_JaffaCakes118
Size

2.9MB
MD5

3b43f8712b2e310cc5f706873ebaf0e4
SHA1

38197f6e39f8a21356a9d98f297635791a395803
SHA256

4d739501b2defd977d309531d12f127f00a4371d1331559a8edb5f57220cd55c
SHA512

a889ca4d3235b5dcd53f41904512813b06485d18e39da906a00782b919eb498204bf5d74d55b945b76143577dc3a89e03d006d42fa15fe522f55d906a58f2ae8
SSDEEP

3072:Oc8d7JiFHPiQzTYWT9eodH4MiEzhl5pa9LLBSMH3HKRucQXlHbjObj:ApwxuoOMTlm9LL1H3HBcs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b43f8712b2e310cc5f706873ebaf0e4_JaffaCakes118

Files

3b43f8712b2e310cc5f706873ebaf0e4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

RunAs
SensNotifyNetconEvent
SensNotifyRasEvent
SensNotifyWinlogonEvent
ServiceMain
StartAs

Sections

CODE
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 205B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ