49515d74bef4f68c273fce544ec706e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49515d74bef4f68c273fce544ec706e5_JaffaCakes118
Size

46KB
MD5

49515d74bef4f68c273fce544ec706e5
SHA1

0e5838238087209db29013132f23476d0785d286
SHA256

d33b2e9fbfa5c992a3fdbe2a0192ea9dd3e3dbe603eea870d74513b2aa78d73b
SHA512

78921a152bdb89ef3019aba4e60f1855966b90146a6c72de0308c42d791a94c875c7ad9a4eec5bc89857f9f9134980835e34f3d1beca2e8de446fbe71560d513
SSDEEP

768:ElZA1ShtkppRTc+mugXU4nU4gaB9ZdyDiV/7q9w6aoax6Ma0Az8NgOY+d8dJ7DB:WZyEYFvmugXtnuaB5Hh7w/csbz4tYzdr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49515d74bef4f68c273fce544ec706e5_JaffaCakes118

Files

49515d74bef4f68c273fce544ec706e5_JaffaCakes118
.dll windows:6 windows x86 arch:x86

85e2e6b822043845a56d4900ef2a4652

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

_iob

ole32

CLSIDFromString

oleaut32

VariantClear

ntdll

NtClose

Exports

Exports

DllCanUnloadNow
DllCsiGetHandler

Sections

.MPRESS1
Size: 41KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE