224959513351983e2f45c8e6fc9779a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

224959513351983e2f45c8e6fc9779a4_JaffaCakes118
Size

24KB
MD5

224959513351983e2f45c8e6fc9779a4
SHA1

15bca55203f1a2ef4f7a44035c349a46d782cb8e
SHA256

451ee01b9a03f30fe3d2d5f90d16c43562289cff3df904c5a4085f825dddb095
SHA512

5ffafcb95a9d62d843385411c0a16ee89e54d061e70ddbcd0f695bbcfcfb1a9cf3b13aa43a645ac3465dd913d43073f4de775688cd77cead22aa243829d30ad9
SSDEEP

384:9NEfqNz9Q1hoZkaXsW7EACL1bWJi9n5vrR7a3fv7VhUJ3SWb+/WcCZW:9WivdkL16Ji3zR7GfTVw3jl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
224959513351983e2f45c8e6fc9779a4_JaffaCakes118

Files

224959513351983e2f45c8e6fc9779a4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e7f43a3ffff346c391e68f1136a2e439

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceNamesA
FreeResource
LocalAlloc
MapViewOfFile
UnmapViewOfFile
VirtualAlloc
EnumResourceLanguagesW

msvcrt

_stricmp
fwprintf
rand
srand
time
wcscmp
wcslen

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ