419e88d65e48d27ec296491c9d463601_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

419e88d65e48d27ec296491c9d463601_JaffaCakes118
Size

117KB
MD5

419e88d65e48d27ec296491c9d463601
SHA1

56040b5b09fc89a3cd2ae64de2a9459f416e6d8a
SHA256

4dd3c5ae6e0c104c9e731ccde1c832b30f2d258cc8e9fbdd54feb0e4d29752f9
SHA512

cb08208777860742d2f62c021ade477610e8367d7d635911875db2fe8cbecff7d1d9f578cbee83313e74732a096e4df37ffbb8111eb816090536776ab7459ffa
SSDEEP

3072:dVSHPYu2z36KEHTnT6aALy4zG+8tnO0WvgX9rxg:TQPYhuKEzWaAm4zG7Nyvcpq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
419e88d65e48d27ec296491c9d463601_JaffaCakes118

Files

419e88d65e48d27ec296491c9d463601_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7b38bc18ff7dceb0b5587bae024c8572

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
RaiseException
lstrcmpiA
ExitProcess

Sections

.sforce3
Size: 25KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ