3ab6e84dd5447b6de47c52bc63fc3aa8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ab6e84dd5447b6de47c52bc63fc3aa8_JaffaCakes118
Size

103KB
MD5

3ab6e84dd5447b6de47c52bc63fc3aa8
SHA1

c8201199b0bd5fda3063425fe59c73aa318315e4
SHA256

3397882d8f680649cb212f1779a6bd8d6c86f3c723c4f87cfa369125817f0c9c
SHA512

46096583dc19b508be4aecf0d88d8fa33379a64bfa627ed2af89f4edc22bcdf23681fd89a7d8c25e512821998dc5ee648de9a5292db671111c2a6a02fdef2764
SSDEEP

3072:eikRtONv2ukU0SDmNl9OF5BNKrCkReskJtIWVl:Rb0OmNl0FKmkuJic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ab6e84dd5447b6de47c52bc63fc3aa8_JaffaCakes118

Files

3ab6e84dd5447b6de47c52bc63fc3aa8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2203f2b9e893845ba59f30af7aec7126

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
EnumResourceLanguagesW
ExitProcess
FindResourceA
GetFileSize
GetLocalTime
TlsAlloc
VirtualFree
lstrlenA

Sections

.sforce3
Size: 26KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ