3a3b0053de08e3a024d6cb3195078a36_JaffaCakes118 | Triage

Sharing

General

Target

3a3b0053de08e3a024d6cb3195078a36_JaffaCakes118
Size

20KB
MD5

3a3b0053de08e3a024d6cb3195078a36
SHA1

e390980c20c6ab20523e80184d65d747037baf56
SHA256

cb229e27e72610faeee539a81d46f13b098d2c28de22bef337122c29954c4c58
SHA512

8eab74d1a4d9a344908ceeddc1efaf70fd90cac0d257f1eed8656d3520e7d1638492ea93fb790de0f7e3b64c0027a06892e9461e550ac5c5d08f964f5f30b3ec
SSDEEP

384:cUNWb3rI984DP5yQ09AQNnvv5UtLT8x2/p4Xtlamgyf+DgjDV3gD:DNK774yQ8v6B8DXtlpgu+D+DV3g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a3b0053de08e3a024d6cb3195078a36_JaffaCakes118

Files

3a3b0053de08e3a024d6cb3195078a36_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6f8e77940284bde3f31b3832dc439c36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strlwr

Exports

Exports

input

Sections

.text
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE