13e15cd389c72d2846c923bf765ddbc8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13e15cd389c72d2846c923bf765ddbc8_JaffaCakes118
Size

9KB
MD5

13e15cd389c72d2846c923bf765ddbc8
SHA1

99ceff413ba0e25e687ec5f1dd1fbe51afd58538
SHA256

f3fdf2c2d34ebc09188267b6273b9b45dcae18fc2ea12a96bdbbd4f1c3338f29
SHA512

247175d4296aa6ed8200356194ab1110149ebabc0784e8cf71fc30c5f8acc802378b8fc027ba52868f4954c4f8459f96e3d950d0bb65aec1579df06c3f894311
SSDEEP

192:6QvzPlj+7zGuWwkNJyZe+10Td9Q1uUwsx73cjQ0DvGMRLYp:6QvzPljArW3NJyZe+10Td9Qrjx7x0jGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13e15cd389c72d2846c923bf765ddbc8_JaffaCakes118

Files

13e15cd389c72d2846c923bf765ddbc8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3a42da2fd211ad845d16521962f36935

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

winmm

timeGetTime

msvcrt

_iob

Exports

Exports

DLL_Initialize

Sections

.MPRESS1
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 986B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE