21067c7a8658518afb9d79c007191700_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21067c7a8658518afb9d79c007191700_JaffaCakes118
Size

20KB
MD5

21067c7a8658518afb9d79c007191700
SHA1

83c5fb6b4113c9bd190bf17f896971ea07a4846e
SHA256

40d930941dd51906feed9a4cb968f23ead9bce658e03136c69f3f1c0fa42611d
SHA512

97666bba74780c35f9912b902a2ed2bf187032b0af9e2a1fea69285bce744d23044dedbe7963374aa99c01d34da70c2e0599456ca7c2ce0fc7eec45602af138a
SSDEEP

384:GqKKLFbLVdw2zYhiKhFHg31rqSh/iRQ91wwW68edh7sPLFh6fQGeBk:GiN3RzYhZFA1rhBiq9xWjedhu2fQG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21067c7a8658518afb9d79c007191700_JaffaCakes118

Files

21067c7a8658518afb9d79c007191700_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6f8e77940284bde3f31b3832dc439c36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strlwr

Exports

Exports

input

Sections

.text
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE