2a866d71efdf5c008455aaf496c9d400_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a866d71efdf5c008455aaf496c9d400_JaffaCakes118
Size

26KB
MD5

2a866d71efdf5c008455aaf496c9d400
SHA1

2a99153a06113fa5b80b346e83431f96cf0fa246
SHA256

2c8c072be646bb9a4af74f083bcc6762d1a78151ebf054844b936534ebc4d8d7
SHA512

d9d0e078d0a04c81e2e91b7bae959a69fa7826a751614b7fdbd065c1f7aec6bf4b0809f61268916fc1ada90ef68185fea95d5d40ba830d18797d42251bef7256
SSDEEP

768:ZkRQBiDsH8DxL2ht62Hd1ZwfCLG7m2HBbKMK7D:iti8Dx2V3ZwyGPBb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a866d71efdf5c008455aaf496c9d400_JaffaCakes118

Files

2a866d71efdf5c008455aaf496c9d400_JaffaCakes118
.dll windows:5 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

ov_clear
ov_info
ov_open_callbacks
ov_read
ov_time_seek
ov_time_seek_page
ov_time_tell
ov_time_total

Sections

.MPRESS1
Size: 22KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE