2dab398bead9b87a3f889c2e8b78d0db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dab398bead9b87a3f889c2e8b78d0db_JaffaCakes118
Size

20KB
MD5

2dab398bead9b87a3f889c2e8b78d0db
SHA1

407b8086590a0a7eadb4b1db0ca90de678958b09
SHA256

3bb30bcdef69fe05da920f689fec2a244bd1e23ec533e170a4dd79a36fb3353d
SHA512

41fa17d7a308f0d0cfd9e4925be926bcb5b9a43ae11b5c926fdae23dbd46d9824679f6653a023e7018e5928f4ffa1dfd88b17dc966f65b7adee717f4b0fea748
SSDEEP

384:PXc4yIxEL7lDdKWup+/H9oXxzKsp2YQq1PjFWB8HxnNx4v:PBZ0pup+/HeO2SB8RnNxU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dab398bead9b87a3f889c2e8b78d0db_JaffaCakes118

Files

2dab398bead9b87a3f889c2e8b78d0db_JaffaCakes118
.dll windows:4 windows x86 arch:x86

da4ac79484c40146e40f1cdff49ddc8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

free

Exports

Exports

input

Sections

.text
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE