182d977039100428846a13c3180211e2_JaffaCakes118 | Triage

Sharing

General

Target

182d977039100428846a13c3180211e2_JaffaCakes118
Size

21KB
MD5

182d977039100428846a13c3180211e2
SHA1

59cbf831de5b900e9305ed2b918ca5d1301ea47c
SHA256

5968063e9465a5fee2a703dbc9a6994ce07ced771d7b650ba0d9b976de82385e
SHA512

45350c21a79d00395f6ff42c5c67b78b02c2b29bc127e031c88bed97b9e617ab2b5a95285ef56ffffde6b3e021bc4fec36d8ad54b839741f8c8b27b2f7991a50
SSDEEP

384:Yr9n+pOIEsGFWzR82Mp49jhOMP28vbNPwLdqfRy:m9n+pZGEzRLcGt5P7vBYdv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
182d977039100428846a13c3180211e2_JaffaCakes118

Files

182d977039100428846a13c3180211e2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ