5fb0218387018126ea0faf33faf41f4d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fb0218387018126ea0faf33faf41f4d_JaffaCakes118
Size

23KB
MD5

5fb0218387018126ea0faf33faf41f4d
SHA1

bb649d03f9473b4da65fdb515c72871920e92b11
SHA256

91dfaccb53e59649a6b01ea1c2332a09670872a5a8750db87395a292be84b86f
SHA512

9a5a2b62e5c5d0761e8e78ec39d4f59586885ac3a1745319f46f5258819a96255c806f5290b32e631917561af8854fd127cb8d208d4f7537975a21835e7f767a
SSDEEP

384:Qd0Tl1DWAlAUxDrnJCMJp7ksS6pSNVSTAxISz+6IC6P7ph/J1U41vvOFuWtedM:Rzt7XnJB71JUSAxIS66IC6zT/J1U4FvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb0218387018126ea0faf33faf41f4d_JaffaCakes118

Files

5fb0218387018126ea0faf33faf41f4d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

467aba1d009f28b50ac738991c04ab47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
Sleep

Exports

Exports

Control
FreeBuffer
Release
Start

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 317B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ