3e26bddbf15950620e0e9891854cfce6_JaffaCakes118 | Triage

Sharing

General

Target

3e26bddbf15950620e0e9891854cfce6_JaffaCakes118
Size

1.2MB
MD5

3e26bddbf15950620e0e9891854cfce6
SHA1

57909acc4e39fd61ff4cf29173325d1493baa089
SHA256

db58d343efbf99c39999f4c7e3d16217cab3dc664c6d81d2216d34de112eed73
SHA512

20dac6324b017ba80e265909d181cde8bee64963377fe95dfe492996563085b3cd917a300a913af1363a7438a71a01e0708b919aa6146848cb20e904329e597d
SSDEEP

24576:BLW2JwUk2S6M8QjQPlGQl7vuXKC2/Nbb9hhXUdjL4U:BK2J42S68je0YvuXKPlbBhxMv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e26bddbf15950620e0e9891854cfce6_JaffaCakes118

Files

3e26bddbf15950620e0e9891854cfce6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

04f46bd3b456558a51b20ddf946a694a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32 winmm

SaveDC 0c

Exports

Exports

RunDllHostCallBack
___��ӳ��
call_��ɫ��
��
��ӳ��____

Sections

.text
Size: 428KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ