f001b6b1bf75de16b055c3e851635ac0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f001b6b1bf75de16b055c3e851635ac0_JaffaCakes118
Size

8KB
MD5

f001b6b1bf75de16b055c3e851635ac0
SHA1

58a42674443a1f5fb581993928c6e6709427fe02
SHA256

1069935ef99da85be5fdd0701bf732b1a60ca994d82738f52b2f9c55c4fd1cf5
SHA512

c675b35215eba73cbfdb6e29f9c4b484e6d7270b497c3a4521c363426f5c0a7d07b31442eba547d89e4e67f9a38a3353f755bd392afe3168c3483e47c165d510
SSDEEP

192:OaVcow5mFvTiz7TG7cu2LuF1nekxu5LEuG:OgvpWDG7cu26FTxu5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f001b6b1bf75de16b055c3e851635ac0_JaffaCakes118

Files

f001b6b1bf75de16b055c3e851635ac0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0fd60007e719f0004e8092b068700241

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
EnterCriticalSection
GetModuleFileNameA
GetTickCount
GlobalAlloc
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
Sleep
WaitForSingleObject
lstrlenA

Exports

Exports

CreateProcessNotify

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ