1c691890a633e6872056bc618e631e56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c691890a633e6872056bc618e631e56_JaffaCakes118
Size

72KB
MD5

1c691890a633e6872056bc618e631e56
SHA1

807490a23c4b97976fb9d5cc01e99a5a46e6f32d
SHA256

aabd81f2a311ba697513bbc1844bb0f27f74ef2ff4d329720e3d0e8639bcd671
SHA512

0d125ed63440b573e78fc2cdd6e79cb3b3761ee7381fc8057b9d955c1a82fb3c4ef49e5a03ae3d54ad0a74a963982dccf4476c2fce85ff8789bb4969888bf9b1
SSDEEP

1536:t1FFXytyZjShuFziEhFbd56gr4yzJCjyxEp0W4h:tfFXyYBX6gr4raEph4h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c691890a633e6872056bc618e631e56_JaffaCakes118

Files

1c691890a633e6872056bc618e631e56_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7ea7ee21d5a445cd7fcaeae7207183b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
OutputDebugStringA
LoadLibraryA
FreeLibrary
DisableThreadLibraryCalls

msvcrt

atoi
sprintf
strncpy
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

_wsydnati_FindFirstNext@20
_wsynativez@16

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 499B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ