32d608b3cc90c147a5472bad00966256_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32d608b3cc90c147a5472bad00966256_JaffaCakes118
Size

24KB
MD5

32d608b3cc90c147a5472bad00966256
SHA1

0e3a99a237b1463c08e211ac664b4c64b2abec03
SHA256

23a06e4276319b80e032e31bec8a00df6bee8fba98a2d1a1fefb9b8fd05637e9
SHA512

b79492e3fa74c9f361790c22c6f722b337ab5db669e11952c3915345a9836b96c9f6ffce8bdcb8d3739d39d33b387971268ed93a6cbb755586379b21befcac9e
SSDEEP

192:8R10E4AKvSW/SE1sAZrZ/fXOA67Z36YFjBIwCjKJvrWWsSYcStX2HrLJZ5w2j569:8RIAkvsmZ/PMZ5kwfKW9YfXUZZ5XTHM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32d608b3cc90c147a5472bad00966256_JaffaCakes118

Files

32d608b3cc90c147a5472bad00966256_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

Exports

Exports

CBTProc
OPThread
SGThread

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ