431fc4cebb1f38ed90cffb0f4ca8fe14_JaffaCakes118 | Triage

Sharing

General

Target

431fc4cebb1f38ed90cffb0f4ca8fe14_JaffaCakes118
Size

11KB
MD5

431fc4cebb1f38ed90cffb0f4ca8fe14
SHA1

9dfd0e9586c1a89860e888e2ed7ebb1ac8c8a1a0
SHA256

13ca8cd55f1127f9c1ef505acba24ad70182cac1b68e62a7f500258251740fba
SHA512

89a3bd5a07d3422f41c3f7d48aa802e93c3802529f5c06659d14cdd3fe28df61bc202ba319b583c684dc9be5e159f057ac5203d44018390b3ba05e5d7c1912d4
SSDEEP

192:pIARXtlerO/BOn94lbV++ImgWfxYFegDwn9AAHDRgGGkqOd6hldYp:bRXoO/pV++ztxqecwn9z1Rd6hldYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431fc4cebb1f38ed90cffb0f4ca8fe14_JaffaCakes118

Files

431fc4cebb1f38ed90cffb0f4ca8fe14_JaffaCakes118
.dll windows:6 windows x86 arch:x86

d6bd42d6da875c4beaef22bdab00a424

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

python27

PyList_New

vcruntime140

memset

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-runtime-l1-1-0

_cexit

Exports

Exports

init_patiencediff_c

Sections

.MPRESS1
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE