27d029742dfeac4d10639f0d32b04a36_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27d029742dfeac4d10639f0d32b04a36_JaffaCakes118
Size

1.4MB
MD5

27d029742dfeac4d10639f0d32b04a36
SHA1

5f9b53852a48d3d8895709b85d38f433db3b9afc
SHA256

211c960af731ecaf1ebd598d8bbe156a936a44b1119bdc15e9912a7b6a521270
SHA512

cd148322a14ef8e0af01a6ffc00f261acb5a9e4fd0fbcea2aa1524fe008fbfcdd91722975a246d6d666f440f5b3c60d6c18165fc630be38ec70c34490784857a
SSDEEP

24576:sm4IJTor847hgwj4YBsHV/hhBSq/qKjKYSv5+gS2DkJWd5rG:sm4eTord7SYq/Pk+h78j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27d029742dfeac4d10639f0d32b04a36_JaffaCakes118

Files

27d029742dfeac4d10639f0d32b04a36_JaffaCakes118
.dll windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
IAlloc

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 905B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ