212d140d3033067f9d54aa1d65f98e94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

212d140d3033067f9d54aa1d65f98e94_JaffaCakes118
Size

21KB
MD5

212d140d3033067f9d54aa1d65f98e94
SHA1

2977825a1d114db709ca8b1a1a9c48312e09a677
SHA256

79b74e0557e6467c052db961b50c67b76e501a2e215c043a76f4010a9cbe59b1
SHA512

0aa8c54a744004442e7479828a316f7507ac7687ebf0fde7b6a5ea150fd843904c36c1b8f16fb45f7342b66fa27b52157bd77ec1587bfefdb36a640d9d6d82bd
SSDEEP

384:N/jXxxIzwar5hOv9foz6/O1m71WINGndya8vLkmrpfRkc:N/T2wauVfb/lWd2vdr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
212d140d3033067f9d54aa1d65f98e94_JaffaCakes118

Files

212d140d3033067f9d54aa1d65f98e94_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ