49f61a370c4baa88686f3156ef46de70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49f61a370c4baa88686f3156ef46de70_JaffaCakes118
Size

49KB
MD5

49f61a370c4baa88686f3156ef46de70
SHA1

ec6231f0a985e366c5b0341db0b49910df52a4c1
SHA256

c2d968ea542220b4af4325c4b8263d47bdba13a8f3799235a69b272164637843
SHA512

d2e04591b9dda18930327b6eb1b676ac09fd7bb487d142e4fa72f9af82fa9c3846041c098a12579de18aa1cce2e94cb1d2a505efe8660c8975e45d8055d5b4e5
SSDEEP

768:/W8QhURLFkPvTU1/UqCuiYJcbRZbnXRWJ5ACDyJKBuSMCK26R0JS7SM:/+AGPvYJ7+/ZrXRWH/SbSnTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49f61a370c4baa88686f3156ef46de70_JaffaCakes118

Files

49f61a370c4baa88686f3156ef46de70_JaffaCakes118
.dll windows:5 windows x86 arch:x86

313f4fd13e30a00ac5c2acc76829c8ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

MessageBoxA

shlwapi

StrStrIA

wininet

InternetOpenA

Exports

Exports

OldNoLead
_DllMain@12

Sections

.text
Size: 43KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE