3ab989dfa4811a23c981d58bdb567bdd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ab989dfa4811a23c981d58bdb567bdd_JaffaCakes118
Size

120KB
MD5

3ab989dfa4811a23c981d58bdb567bdd
SHA1

6e90df8849ed7f09635c8f6da8a6b68c6f691db6
SHA256

1215480ab2c53b366ba3db654f9e4449f232570a79a0e71b189f07bd04649cf1
SHA512

5bc2beca303b0ca9446df6d066d8920075dc4313672fe55bc7c6d8fa0615010968bb3f8b92c83eebeadb61d8f59cb15b843af21fe482f9e76d315701578bf416
SSDEEP

3072:IIfBFyIzGRmbkHVrJW0CJ5tRzOpdD9LYYj/aTmgiaXzAJ8:IIfB0IzGRm4VrJW0CNRzO9Ya/aaSz28

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ab989dfa4811a23c981d58bdb567bdd_JaffaCakes118

Files

3ab989dfa4811a23c981d58bdb567bdd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e1625d8071406afdd29d60bedf6aaa09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDateFormatA
GetFileSize
OpenFile
lstrcmpiA
lstrcpynA
lstrlenA
ExitProcess

Sections

.sforce3
Size: 25KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ