4730dfde7e62a5b5ba99d2c736bb93fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4730dfde7e62a5b5ba99d2c736bb93fc_JaffaCakes118
Size

870KB
MD5

4730dfde7e62a5b5ba99d2c736bb93fc
SHA1

930ba6b77daaece0feb3cea2e8ce2f3f99e55629
SHA256

16996ce75a5b1cd863130874f3a1d3516bbb13d10dc13e36a24b75422260c327
SHA512

ab611a354a51f34e5f81431c638e501948504d04850cfb1a3995d4a27631d6f05b4c3abcba78b82d8eddd3bd82843b2f7d716b9d223d125a4d3e67fb2809e5d1
SSDEEP

12288:dJF70W7gzttlUJsM+kJbyTL7GLe+iCveKt/6zgCd3uGwAKeBq9sJiJrX1W2:d/v7gzCJsYSqe+iSp8ge3Qf/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4730dfde7e62a5b5ba99d2c736bb93fc_JaffaCakes118

Files

4730dfde7e62a5b5ba99d2c736bb93fc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

330ae68fd35ae99521a0ac6a1fd9b999

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA

Sections

hlirjywu
Size: 117KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yhfwexrx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mouevjdb
Size: 744KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nsicrbki
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE