43618a45a3b7e524aa13b8d6efe73fa3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43618a45a3b7e524aa13b8d6efe73fa3_JaffaCakes118
Size

1.5MB
MD5

43618a45a3b7e524aa13b8d6efe73fa3
SHA1

b8bd7c92bd4c236a948a43f91fb4b0b53f8a0042
SHA256

2af2e4c9ed06db4b11c7ecf6a97822942285c5e26e29f7358613e28bd7121b46
SHA512

edf2e268d40b1339a5436919ec006141ce345e46b659436f460c331e7e883a028db5dbe59c23527515e7b419833e153e84e4f5594362e88869a26b07c3db9d48
SSDEEP

24576:VJlajsR4JlaHxI7Hh9ZBXf1E6Ehg7mM+M6RkMkIM7gE6Eh67Qc+lPY:zJO7HhpX0g7mM+M6RkMkIM7I067Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43618a45a3b7e524aa13b8d6efe73fa3_JaffaCakes118

Files

43618a45a3b7e524aa13b8d6efe73fa3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dfsvc.pdb

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.extrel
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbgmap
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.il
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ