34a9241cee7e4e3a9de95a3138c526e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34a9241cee7e4e3a9de95a3138c526e3_JaffaCakes118
Size

46KB
MD5

34a9241cee7e4e3a9de95a3138c526e3
SHA1

a9189287d53deb5777cf5e08ddeaea1062459f97
SHA256

64212f6e8f83d7d8bb9f92c96ec13c3b39f722714f123d8e8c4e0825451d64e2
SHA512

0b3048605fee06092824e70e0530b921b3d65cec10c436476b02b635ed4b5ee1a658de6ceb4953e9874c3877b325e06220f18cfd8cb94875bd8209eb29e63120
SSDEEP

768:uiUECRwiqwIz+xpZ/7QYbf9AheiVy0y5LRKiAqHXa/PYkte+CO/z:uiUjRqoX/73bf9AciQh5LRfKXte3OL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34a9241cee7e4e3a9de95a3138c526e3_JaffaCakes118

Files

34a9241cee7e4e3a9de95a3138c526e3_JaffaCakes118
.dll windows:1 windows x86 arch:x86

f0e1505c6ed2f11dbaf1ea3efef8bafe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
ExitProcess
CreateEventA
CloseHandle
LoadLibraryExA
GetProcessId

Exports

Exports

CreateProcessNotify
DllGetVersion

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kdata
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ