2f3f56c5f072baeaab7bbfc48976d949_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f3f56c5f072baeaab7bbfc48976d949_JaffaCakes118
Size

68KB
MD5

2f3f56c5f072baeaab7bbfc48976d949
SHA1

f073ea9ebcb281e2842a1dad8b814fd4372e7bad
SHA256

893294e1f3fb3f606af474223a2de43608f7f5bcb2340199cb25a887ee17db08
SHA512

02fb6db73c484bcd73d56640a2d45e68ff550828d69acf68e6ff846062e82519290cd4b68cd5bf64ab7c780ef2d1881f312e77950ea2b84a8c7e52195c0f6f45
SSDEEP

768:Z1aa3pz8S+zX4TXf6jh79ZlSbDmn6oEc9PZfLGIdvWfqA15ZGcYGstIZXGle:ea3p+7SP6F79iloEwPhagAlnstIZ2le

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f3f56c5f072baeaab7bbfc48976d949_JaffaCakes118

Files

2f3f56c5f072baeaab7bbfc48976d949_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
dll_inject

Sections

.text
Size: 50KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE