36aba73ae7bd0dde144fcbe44886cb52_JaffaCakes118 | Triage

Sharing

General

Target

36aba73ae7bd0dde144fcbe44886cb52_JaffaCakes118
Size

1.0MB
MD5

36aba73ae7bd0dde144fcbe44886cb52
SHA1

ff88b56b1d10940b8e7079afbeb48fa75b96b1f3
SHA256

e9f6acfb99658c37a7d211a2a7d19ec1a9da12c2cc34da498c14b2ecf723680d
SHA512

9067d6467b7f31f5b1d6dc2888ec73a07b63362246a65e2224c59ff37ad7221c85d5e5d5a567f37f866e3cc51069eca1b118039ab8b9b7582cf0c83434a87e29
SSDEEP

12288:LT1khDxoP/jydydorrVU88CVBP9bk8Ev:LTWhDJR98CVBKv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36aba73ae7bd0dde144fcbe44886cb52_JaffaCakes118

Files

36aba73ae7bd0dde144fcbe44886cb52_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
IAlloc
QueueMemory

Sections

.petite
Size: 940KB - Virtual size: 940KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE