8f8d8107ee5d3c40e633ee6e254faedb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f8d8107ee5d3c40e633ee6e254faedb_JaffaCakes118
Size

21KB
MD5

8f8d8107ee5d3c40e633ee6e254faedb
SHA1

504b5316421b2319155f13a149e4a0bf561b1201
SHA256

40abe959133fa8f12a64861113ff00813b9d8ed0efba6257872d1678b5683d3a
SHA512

297288b9e75ee33d9d62433c8c42907afce1e827b1ce77dca57686528f21480692c10222ae06cf1ffbbc6b5ae0b43097b3b1c06361913050f0e8993060473d1a
SSDEEP

384:lymrnDnNrGNkmhT4/uLNza3RvniUv0zDGgfCyk/ljVplYNFMAbmI77vvxlL:swnzxGNkuTPta3N3cHG9NVfYNRbmI77D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f8d8107ee5d3c40e633ee6e254faedb_JaffaCakes118

Files

8f8d8107ee5d3c40e633ee6e254faedb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

91ba76ca8a7c89e76b1fc67bf8b2e286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

_iob

user32

wsprintfA

advapi32

RegOpenKeyA

Exports

Exports

DllMain
DuAbortDownload
DuBeginDownload
DuDoDetection
DuInitializeA
DuInitializeW
DuIsSupported
DuUninitialize

Sections

.MPRESS1
Size: 17KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE