7f4eb2890d34750381252ec4c7f6e30d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f4eb2890d34750381252ec4c7f6e30d_JaffaCakes118
Size

94KB
MD5

7f4eb2890d34750381252ec4c7f6e30d
SHA1

d0f4c5827ecfe7f2a689c578dfafb9a0f92460a5
SHA256

fbfffbd0ca0f370204467d690e9e2facb911f727e7aa3816607773a486516660
SHA512

923c1cae0f67768c6e9830e317161a7dcd6fda3fce45ce4cdb2261056c4fe4196bf052cc23cbbb73f75cb000ba65eb17a612fb11e8d412fe96e5c8f38ba56399
SSDEEP

1536:YUn8uiiL1XxXXwfkZjslTwwX/NjVeovAwxfgTbURQ8zx6vGwwCpHXc:YUn8ul5xXwsZjidVeovI6Q8tMGKXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f4eb2890d34750381252ec4c7f6e30d_JaffaCakes118

Files

7f4eb2890d34750381252ec4c7f6e30d_JaffaCakes118
.dll windows:6 windows x86 arch:x86

cc58e43b5c15a3c14945481fd920e443

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

EqualSid

corelibrary

??1Task@@MAE@XZ

imagehlp

ImageLoad

iphlpapi

GetExtendedUdpTable

netapi32

NetShareEnum

psapi

EnumProcessModules

rpcrt4

RpcBindingFree

secur32

LsaFreeReturnBuffer

shell32

SHGetFolderPathW

msvcp110

?_BADOFF@std@@3_JB

user32

EnumWindows

ole32

CoInitializeEx

oleaut32

SysFreeString

msvcr110

free

Exports

Exports

CreateCollection
DllMain

Sections

.MPRESS1
Size: 88KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE