2e87288351f152cad6890d5189c0a7aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e87288351f152cad6890d5189c0a7aa_JaffaCakes118
Size

89KB
MD5

2e87288351f152cad6890d5189c0a7aa
SHA1

9bfc4a5dfb09562f1bc5d0a959efadf8c4c7f6ed
SHA256

7700263cd51d929a8fbcff0e81cb7f250781cd7e47048dc3bfd1ffa2c9240c96
SHA512

bd4f0a4265ce2d16a3d24ba9c1172a88385bd5e5d4722bc925a3ca94479ac3983871c2dd99d2801d485f0ff4d4afb5fde08814768d66bf4812194cdff1728e3a
SSDEEP

1536:XGxvoZpYWlPi/Zv+SczhZo0DUxdjTG1hIqR1VI4QoVmsXBUk0H2:Xe2Pi/Zv+3DoNxxAhfd9g6Bv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e87288351f152cad6890d5189c0a7aa_JaffaCakes118

Files

2e87288351f152cad6890d5189c0a7aa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8f8c3b7e2e59d6ddb0f1a48e5d46e5fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetProcAddress

advapi32

RegCloseKey

ole32

IsEqualGUID

oleaut32

VariantCopy

shell32

Shell_NotifyIconA

user32

SetTimer

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 87KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE