28f8bd2a58bba38db7630be1177f335a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28f8bd2a58bba38db7630be1177f335a_JaffaCakes118
Size

117KB
MD5

28f8bd2a58bba38db7630be1177f335a
SHA1

60ade1139ddcd12f1907b2d77db14875625e7483
SHA256

b6c30a1d743bbfffde8faa5615af72c29a45e5e76cf85ea8d48a7f9f7e17c952
SHA512

a7920c164287e9e8ecdb327231129e2df43f936a502e8b7bdc3181197d4daf46063b1fd653e734ca86e3c5ae28c1a8cdf225ebbb97ab8b83db7872de212989e2
SSDEEP

3072:gEm6PfOH+grmTfZ4s2PjR7anxna5FjcqJlRmdk:giUbaLV2P4Y5ZJjWk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28f8bd2a58bba38db7630be1177f335a_JaffaCakes118

Files

28f8bd2a58bba38db7630be1177f335a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e1625d8071406afdd29d60bedf6aaa09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDateFormatA
GetFileSize
OpenFile
lstrcmpiA
lstrcpynA
lstrlenA
ExitProcess

Sections

.sforce3
Size: 25KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ