2462e18c39846bfb8f4e301c7e3cc8cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2462e18c39846bfb8f4e301c7e3cc8cf_JaffaCakes118
Size

103KB
MD5

2462e18c39846bfb8f4e301c7e3cc8cf
SHA1

50bb3467aa1df28228f9b8ad4e88cd20419fa6f4
SHA256

9826652c4fa703284f1287462b9b4f3709b40316311f390cffaae0dbcffaf5c3
SHA512

2720b1a015aa712c97ca1c7fb2137c2d0a07a32037900c01f360eba53a464b11d1cc9bc23de41b6be490f4e0187b3f16f5a87846a316da2f14825a010192082b
SSDEEP

3072:WCqbHlGPCg+fKR+pvGYQxs7mDJQeLflZ43CdiJmd:WCqb4PN+SRIeYQsdyMJm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2462e18c39846bfb8f4e301c7e3cc8cf_JaffaCakes118

Files

2462e18c39846bfb8f4e301c7e3cc8cf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9fc5b39e41ac2d86ed7b29f1096a3529

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceLanguagesW
ExitProcess
FindResourceA
GetLastError
GetStartupInfoA
RaiseException
SetCurrentDirectoryA
lstrcatA

Sections

.sforce3
Size: 24KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ