4281c01058fc6023babcb081583a0252_JaffaCakes118 | Triage

Sharing

General

Target

4281c01058fc6023babcb081583a0252_JaffaCakes118
Size

21KB
MD5

4281c01058fc6023babcb081583a0252
SHA1

36b069cc7dc5c15f883110883632e10cfb58d111
SHA256

23b61f6d097014672a5d6cff163ab0042211ced6d299e5b4fe539ee74022b212
SHA512

5afb341e76dcb100c58e5968e583c15c50bd4db87cf05c0d7a0a06921e5df3cace4077c0c9b420e0acfb2f804e41a226f7b9bfc6e47c21a6ac9826165847438d
SSDEEP

384:ZJMNsip5vLtrG8mmZkQGxZ0TOpPOuF6fgWFH6miKd8vz3B7hl9fRW:ZJMJLRG8rG3ZtmHhi/v1O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4281c01058fc6023babcb081583a0252_JaffaCakes118

Files

4281c01058fc6023babcb081583a0252_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ