2b83d94254c3404452b42b68322c5c87_JaffaCakes118 | Triage

Sharing

General

Target

2b83d94254c3404452b42b68322c5c87_JaffaCakes118
Size

1019KB
MD5

2b83d94254c3404452b42b68322c5c87
SHA1

9ef2fd5ee9f3bcce25b4914dfa5717378b21f851
SHA256

481c1fba8a8a40a005f4ac0dd54a0809cbd17f232c44431e9a132b582fef739d
SHA512

f26ab1a8ea9596f13b673712cefd287c661c8ae78e7451367fe260c1d62e2676a7713203c447a324fa1d3a4d0355179fdc29536719568a0c7b24fcde9b4b1640
SSDEEP

24576:5EDi+JfnLQh/3l+r7lcPvrBFdDIf+YptI:mfnW/gR4TPK+Yp6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b83d94254c3404452b42b68322c5c87_JaffaCakes118

Files

2b83d94254c3404452b42b68322c5c87_JaffaCakes118
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 482KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

saiwxnzl
Size: 680KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vwrtgege
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE