16c298467319cabd12601a571c48d1ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16c298467319cabd12601a571c48d1ba_JaffaCakes118
Size

54KB
MD5

16c298467319cabd12601a571c48d1ba
SHA1

cf400b004817be39ddc9e0b29bc0e5abd7e38110
SHA256

3132206ff44c490842249e3b93f3537da716e96822a40810179fcdb01a2a0fe5
SHA512

f9291f1ca381642d68765c766b0b8e5fa8dfb424e9678ca280025f4890ca7323718f38d6890827fbf55fd1ba7a371417689da26b2aca29bfae32546f61414282
SSDEEP

1536:R1tyR1Bq9oioN3MVP8rtxZO56mvE1SuoRzRm7X:QRn6VPgHrI5uoRzQX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c298467319cabd12601a571c48d1ba_JaffaCakes118

Files

16c298467319cabd12601a571c48d1ba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9870f50c3e7b58713ec393e3823221bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ole32

CoInitializeEx

oleaut32

SysAllocString

msvcp60

?_Xlen@std@@YAXXZ

msvcrt

_errno

Exports

Exports

RegisterDll
UnregisterDll

Sections

.text
Size: 47KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE