7f5af45bad21a49eb892e9e62b89db88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f5af45bad21a49eb892e9e62b89db88_JaffaCakes118
Size

15KB
MD5

7f5af45bad21a49eb892e9e62b89db88
SHA1

379afae84d66bff2ad6258cb94849423bbdff934
SHA256

5973c86d1c4df7caaab26b7887b52232708d6bd5a5f5adb71ceb86f17b123463
SHA512

b157b362b196c2ab557aa90108f98c890919ba7cd026dfd5b4728238f836624b5d5d85f8a72e6a1ca91b01002b2e55bf1c301e41924329f3a4558931221986e5
SSDEEP

384:mCX5yVugG687NOzg+vzCG0Er5PRbw4RAG8HgL7vvxlLDe:mCXeGl7NynvmG0Er5pw4RAG8AL7DK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f5af45bad21a49eb892e9e62b89db88_JaffaCakes118

Files

7f5af45bad21a49eb892e9e62b89db88_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6438c791b51f1c5b1c08bd580c5059f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcr100

free

vboxvmm

SSMR3GetU32

vboxrt

RTStrICmp

Exports

Exports

VBoxHGCMSvcLoad

Sections

.MPRESS1
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE