19aec208d28f6cacdcce8b553536c298_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19aec208d28f6cacdcce8b553536c298_JaffaCakes118
Size

11KB
MD5

19aec208d28f6cacdcce8b553536c298
SHA1

4b9b4f70013d5d1501817eb0b95c60676eaef8b5
SHA256

91adf79e419e6211f16e602d4f4c0a9b5e6a759a274487f4383898f422aa18a1
SHA512

bb5e3d34edda736c09fa138b16a2b69ff727de5e91d059b3989e67b7ecc26d05ff4cb93c477666192c16adf53a30aa08db78120c026606fe1768966f8aff5c62
SSDEEP

192:N38RFqQ+2SOLpzG5PlHJWBzwUa3aloROehCb2TyjiCRN3wgiGQk2Bm4v:25+2gPlHJizHqaloR22uJpUVBm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19aec208d28f6cacdcce8b553536c298_JaffaCakes118

Files

19aec208d28f6cacdcce8b553536c298_JaffaCakes118
.dll windows:1 windows x86 arch:x86

8b7982fe6452f99bf71e9dc45debfea9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CopyFileA
CreateEventA
CreateThread
DeleteFileA
ExpandEnvironmentStringsA
GetLastError
GetModuleFileNameA
GetProcAddress
GetTempFileNameA
GetTempPathA
LoadLibraryA
MoveFileExA
RtlZeroMemory
VirtualAlloc
VirtualFree
lstrcmpiA

user32

GetMessageA
ShowWindow
UpdateWindow

Exports

Exports

DllCanUnloadNow
DllGetClassObject
UpdateObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE