02e831348f25142590d482ca7115c0f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02e831348f25142590d482ca7115c0f2_JaffaCakes118
Size

1.8MB
MD5

02e831348f25142590d482ca7115c0f2
SHA1

b5a11068ad558b03338047e375c80511adb2268e
SHA256

cfda3ff5aa0537a06aa141bdedb43f27dccb04356e2211059cc8b98d0fb08d59
SHA512

8d863b3bd65df5baebffe82b76ccbb72fac39d7b536336b644c4b1ff18e3839cd90076d35aadb05e886c85914a8756fcf30cd06b8832a5ab3de7b0c991442195
SSDEEP

49152:/M5bm7TSSj2ekvWK91v5BLtl61DGE9tmg1UkZY0u5eU:05bBSiVJp5HlWGE9eOYd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02e831348f25142590d482ca7115c0f2_JaffaCakes118

Files

02e831348f25142590d482ca7115c0f2_JaffaCakes118
.dll windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 101KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yxypugip
Size: 1.6MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

scrpuvfq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE