2f387bc4441508269629b640c77379bf_JaffaCakes118 | Triage

Sharing

General

Target

2f387bc4441508269629b640c77379bf_JaffaCakes118
Size

48KB
MD5

2f387bc4441508269629b640c77379bf
SHA1

4040bbda5f03ae36ab61ee5e2624899d2b3d7b1b
SHA256

1d41ca1fbc8768fb1200f5636aacf3907c9b51e125382a36153128f74f05e371
SHA512

57b363a39f360bb26704a8cca76b5d593a15bece08bec939d4411c3cabc7145b755d657b720ed482ad144030935f569c38664bb11e51061bfebb5cd72141a0bb
SSDEEP

768:CXUzHfb5UnkXNDpG/ajcCtPgYdwZ5KTcJmi+yotX2l3dsR//vq/+Jf88hvGjee57:UUzHfNUqAC1xy3YFncsR//vqkNh/M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f387bc4441508269629b640c77379bf_JaffaCakes118

Files

2f387bc4441508269629b640c77379bf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6193f149a90b2b5ff33bef3deb35bbe4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextVolumeA
VirtualUnlock
UnhandledExceptionFilter
IsValidLocale
InterlockedExchange
GetPrivateProfileStructA
EnumSystemCodePagesA
GetCommandLineA
ExitProcess
GetStartupInfoA
GlobalWire
GetLocalTime
GlobalSize
IsValidLanguageGroup

Exports

Exports

Wjdadxfb
CreateLutaxho

Sections

ATSEC0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ATSEC1
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ATSEC2
Size: 39KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ