0dd02c04a18f096cc10b669606fc0263_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dd02c04a18f096cc10b669606fc0263_JaffaCakes118
Size

2KB
MD5

0dd02c04a18f096cc10b669606fc0263
SHA1

8b63a9b6846b9e99fffb49c2ddc36840b9c0d6f4
SHA256

5eca82182036d240701eebdeabd8b3939f84ce0d32b4df37ef7d29833ef6b2d7
SHA512

369fb440c9bbedfdb40349c92dd66fff616af24288a3ec63f4e321498a13cc77ae0bfb2760d587029e0239bceb2848f4739d2935587e358defebb810d6c634af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd02c04a18f096cc10b669606fc0263_JaffaCakes118

Files

0dd02c04a18f096cc10b669606fc0263_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8985445be5af79f28aae94821ad6f991

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
LoadLibraryA
WriteFile
GetTempFileNameA
GetTempPathA
CloseHandle
ReadFile
HeapAlloc
GetProcessHeap
GetFileSize
CreateFileA

Exports

Exports

dllStartPlugin
dllStopPlugin

Sections

.text
Size: 1024B - Virtual size: 979B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ