08dbf918208f44f0d74d096a901358cc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08dbf918208f44f0d74d096a901358cc_JaffaCakes118
Size

72KB
MD5

08dbf918208f44f0d74d096a901358cc
SHA1

0def86a1ad13283fe79f2e3d4f139eadd298d138
SHA256

a64997b94ebfea461c95d445a4d13aa4c4bd49604451208746d95d106b677053
SHA512

84ce422251a18bc0c3989ffd90a37f3aafe21c984fd8727384606f67f9b4f7f490dce1a960ec26b3a080204efd7bcde13b8cef19acec4ff28c534021c5f452b9
SSDEEP

1536:OqZc36GWQ679o77Kl0Evn9JKFkpQ1Ah1:OqZQmz0+l0Ev9FwAh1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08dbf918208f44f0d74d096a901358cc_JaffaCakes118

Files

08dbf918208f44f0d74d096a901358cc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

afe59ebec6abd45a42d27af4d558a489

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
LocalFree
GetModuleHandleA
ExitProcess
GetProcAddress

Exports

Exports

FMain
bvcdmxxvxhdklh
ixxaefcoaiyqleihhooaurqooytrqhjmgyru
lvxjdqeyqgqfkexlcb
wdCommandDispatch
wdGetApplicationObject
wmrruryhewqqgtmp

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 447B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ