6dc3d6f0317cebaa3e3552bda3c44c43_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6dc3d6f0317cebaa3e3552bda3c44c43_JaffaCakes118
Size

33KB
MD5

6dc3d6f0317cebaa3e3552bda3c44c43
SHA1

9d4f8788badc70332ec313f4d8e8e1ca6b14cd41
SHA256

623e5a9ccb33853236bc46d63805cd058a922198c1858f626de81f9951c04031
SHA512

e5ac35cde94edf70678502bd4e31af075b7d5e1f849a4bc20d0af57deb4e1e69c794a961b23fc617140e4c689671190707524e63610ff99e705acec2c756aef2
SSDEEP

768:sp0e39HOQXxUZC6VQSf1fKqCNl1IMQpoX6x9L+JcvOnTub7D/:Ve3g0qZlVttcNl1IM3oaqB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6dc3d6f0317cebaa3e3552bda3c44c43_JaffaCakes118

Files

6dc3d6f0317cebaa3e3552bda3c44c43_JaffaCakes118
.dll windows:6 windows x86 arch:x86

c129ca16cebe2a31f72139abf569ce8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

user32

GetSysColor

ole32

CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.MPRESS1
Size: 27KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE