21cc36597f6801a616fc0314dc849619_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21cc36597f6801a616fc0314dc849619_JaffaCakes118
Size

22KB
MD5

21cc36597f6801a616fc0314dc849619
SHA1

43bb0b439af1b1daf9f7e2847a17fd74cc51e198
SHA256

717ba6452bd19a435170225f29b9449c804eb2f6bf568e371a77b083ef5ab9ca
SHA512

55036557e6343cfd29827bf8a64d6bfce51013ef17c57bd3ff46931b9a79cf389283eafcd9c270b1a142a411a7adf5d34e31b47ff8b0644b160c317119c84951
SSDEEP

384:dB4rDJvXHCK9E7U6Dxo0phLjAEqJpB8MKUvmxCuxU9YqCTQiCjNfsHU:IDBHCL7U6DxouwpJKym8ua9iTm+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21cc36597f6801a616fc0314dc849619_JaffaCakes118

Files

21cc36597f6801a616fc0314dc849619_JaffaCakes118
.dll windows:5 windows x86 arch:x86

372166dbcd6b6fbfa89eaa11ecda6dc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetTickCount
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
lstrcatA
CreateThread
DisableThreadLibraryCalls

Exports

Exports

Export1
Export2

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ