39f49b77b377a2cc747da8431828d9b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39f49b77b377a2cc747da8431828d9b8_JaffaCakes118
Size

682KB
MD5

39f49b77b377a2cc747da8431828d9b8
SHA1

c8c76bc3e5e72dcbb07a2bbb404a2aa00b7377bb
SHA256

c540977c7d0131dd3c857e47943c48ba6c2475edd5ecfd22369c1311e1250e34
SHA512

974658e9360bc11403b9b9129e696223c97e1bb1a969e57a1d0fb4c6ac145eaef1bbfd9a9733f808623b59dda056c7b36d7f50030c77e52ac59ad544ba850128
SSDEEP

12288:AmU/8v7Z0EREs0M3VP748w2kE5K1pdN+/tpCmOG:9t3VP7KE5K1pd4yDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f49b77b377a2cc747da8431828d9b8_JaffaCakes118

Files

39f49b77b377a2cc747da8431828d9b8_JaffaCakes118
.dll windows:5 windows x86 arch:x86

54cd689308de4e61df1fcbc3dca3e925

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedCompareExchange

Sections

Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kofnlwyu
Size: 570KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iadstbaw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE