276514fd98b2a608aa26f63ab3713054_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

276514fd98b2a608aa26f63ab3713054_JaffaCakes118
Size

9KB
MD5

276514fd98b2a608aa26f63ab3713054
SHA1

5c20928f77faf69360e734581022e6a92e801527
SHA256

051001b032eaf5f3f001974d8eab384780bc5ba066854771c1b0ce9eae5f6ea6
SHA512

ad6f0403320d716740dfd681bf0ed8b86b1f6c6353f747f27e1168cbb8a70e842ee7843f4f9e0e8d0ce8bd573599cf921980176f315054bc9b1fc41ba860a437
SSDEEP

192:eLtVFfkajj/emCe25ieUj+RKEaPjvddXhOq4TLaBQ9Et3JaDYp:6hnremCu+U7v74/aO9Et3JaDYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276514fd98b2a608aa26f63ab3713054_JaffaCakes118

Files

276514fd98b2a608aa26f63ab3713054_JaffaCakes118
.dll windows:6 windows x86 arch:x86

2944afb4856d2c36258a0925bcc519b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

libeay32

ord2131

python27

PyErr_Format

vcruntime140

memset

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit

Exports

Exports

initcertgen

Sections

.MPRESS1
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE