36fd330acff8479567e07148ae67f224_JaffaCakes118 | Triage

Sharing

General

Target

36fd330acff8479567e07148ae67f224_JaffaCakes118
Size

11KB
MD5

36fd330acff8479567e07148ae67f224
SHA1

c6fd2294cd76a41c990848efa081f3cf2ee2e0a2
SHA256

f6235cf5f516e3df8b5c0a2e8898a7593b3d60bea6dde8eddd780e6217eb958c
SHA512

743081392efb94d785e11477dc816c29a62ee1cc03527f3e64a8dc0f7c80e84b74cf04355ba8ef51eca15eb89765fecd90c1c38fc40c8e24df85e5770811a831
SSDEEP

192:Koc3NDOkHlBrxBZIotnKCKaLydttImeCoIgIoLhX3HdaHZheAEjis:9UVOkHTrhIhaLeIm5oIgIoLpAHHef

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36fd330acff8479567e07148ae67f224_JaffaCakes118

Files

36fd330acff8479567e07148ae67f224_JaffaCakes118
.dll windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 512B - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE