ffed95ad0c4731e57f2f5d05b99fa4de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffed95ad0c4731e57f2f5d05b99fa4de_JaffaCakes118
Size

722KB
MD5

ffed95ad0c4731e57f2f5d05b99fa4de
SHA1

1f4592af9cd5101b8ff7cbeb58c93009351e1913
SHA256

e66c013b50a1e3446b3c3bdd62724ec17a761fb20368131e61a579f34ee96187
SHA512

e1693e5b407881441973fb5579637d93e8680fce99dbd4b4d4305900c2ab792c996214932cbc723a341ccc5c158adea2ca5383f12ffbabd0c531e05f54eebac7
SSDEEP

12288:RVyoz0yAAyaIppmsbOvmFIMa1RMBIcbjn/S0UjyDvra508IG3V7LKdYN:RVyoz0bAAbabwB/bTdvrkrlHKe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffed95ad0c4731e57f2f5d05b99fa4de_JaffaCakes118

Files

ffed95ad0c4731e57f2f5d05b99fa4de_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a065115d4a3a979e1137ce810a92eefc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree

Exports

Exports

KBot

Sections

kkrkrjuf
Size: 77KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pjskuhhj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jauuvvnp
Size: 629KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guiwxwxs
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE