f962b60c040b0410f5a0e8ef86d7807c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f962b60c040b0410f5a0e8ef86d7807c_JaffaCakes118
Size

18KB
MD5

f962b60c040b0410f5a0e8ef86d7807c
SHA1

042a532eb211a23740911f778d7200c4bf49df6c
SHA256

a44f74d58cf8f21ad128bc1c201695ac4724790108c302f085fab49b45b01218
SHA512

8d72c38f7aaf7990fb6cc76b5202bcf3d90b9755fffa2f0c19382f6a0a009c95c430917cf813d585aa8a85472fd354d3d5fbb34fece81f4ee0ee88dff1ab381c
SSDEEP

384:Sl33TM9fDJ+9URyGiuG7GtJwXZejn643phiM81S2LF45NjUjfyLgsKFbKkHl1:Sdg9fDJi0yG07Grky64XiMbUF0ksKdKg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f962b60c040b0410f5a0e8ef86d7807c_JaffaCakes118

Files

f962b60c040b0410f5a0e8ef86d7807c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllManagerReadProcess
LoadVantiDll

Sections

mian0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE