30786c64cb8e0393ad220f7d4b0706f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30786c64cb8e0393ad220f7d4b0706f6_JaffaCakes118
Size

20KB
MD5

30786c64cb8e0393ad220f7d4b0706f6
SHA1

c7d9107a4d99e9b28cefde8a705607cda43b3105
SHA256

9177bae43e9e0ef2d80785451018d9ef42795d544a24f00d6b79f53b22291076
SHA512

afdc23227079f7b54e29ba5f2205ff178cb7c457367b2a3864d51738cfe6833395fdd910ee3aeef8bd97e38137d04c7bae8245a0a4ccb9beda90cc04ea40fadc
SSDEEP

384:VD0+RIkQp2futlnb9dzoqVKW04gwyDZvAdkty2gYl:V4+RIDp2snb95jVKWfyBAety2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30786c64cb8e0393ad220f7d4b0706f6_JaffaCakes118

Files

30786c64cb8e0393ad220f7d4b0706f6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4f84bdeddbf4a40eb04c427baacdf344

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleHandleA
GetProcAddress
LoadLibraryExA

Exports

Exports

DllMain
adoxqbi
chpvi
eursyv
fwwpudl
kdmbjl
viiqtd

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 752B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ