e79668ed9f6e0285f7e117e029b771b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e79668ed9f6e0285f7e117e029b771b1_JaffaCakes118
Size

28KB
MD5

e79668ed9f6e0285f7e117e029b771b1
SHA1

40edebf809e27482c0b0542a585310714044c7a4
SHA256

74feb8a5587df28593968170f2acc8a3e992b3964513759c981194e6045a4fae
SHA512

3eff78cf4a8c7837eddfcfb8b51377a1ff242e4bda7708d89625c76b4362daa618f1bf7b6ab67208eb1a02d43bd605ace873e9e1e0325dc770d8ac16f1583de1
SSDEEP

384:oDaQHnG4c9UZYC6Fko6teMJ95iYY3sESR8b:oDjHnJ0Up6FkIMbKxSR8b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e79668ed9f6e0285f7e117e029b771b1_JaffaCakes118

Files

e79668ed9f6e0285f7e117e029b771b1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

271530a0ef63144193795d09b5ac2c05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
CloseHandle
GetExitCodeThread
WaitForSingleObject
CreateThread
GetProcAddress
LoadLibraryA

Exports

Exports

CBTProc
OPThread
SGThread

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ