018d27f6737afaa97c57e4e34ef1f91f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

018d27f6737afaa97c57e4e34ef1f91f_JaffaCakes118
Size

55KB
MD5

018d27f6737afaa97c57e4e34ef1f91f
SHA1

938b0f779b5652728daaf0b8529048600bddc2f2
SHA256

1420ec02145b93bc82ff544a9bcb96bd9e59a50ed9edc2bcefeb9050b02ba6d3
SHA512

4ce5ce41515fbaec7794581c85f548711dc38e58461666460ecb66cb511a2378fe5d87467486bf60c60d50426613dbe3c9e35c6de0bf0bc2f6432f0fd5113fdc
SSDEEP

768:PyOI04UeeKHeXDGOnOmhji8JT2SEgFjRE06CWbThecRQf0rsy:qORKOOmh9J5pjy0mbThecRYY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
018d27f6737afaa97c57e4e34ef1f91f_JaffaCakes118

Files

018d27f6737afaa97c57e4e34ef1f91f_JaffaCakes118
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@Dphcrb40@@GetPackageInfoTable$qqrv
@Dphcrb40@@PackageLoad$qqrv
@Dphcrb40@@PackageUnload$qqrv
@Dphcrb40@initialization$qqrv
@GetPackageInfoTable
@Pascorba@Finalization$qqrv
@Pascorba@IDERegister$qqrv
@Pascorba@initialization$qqrv
Finalize
Initialize

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 101B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 403B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ