59976ca102144088c496b500dabc6402_JaffaCakes118 | Triage

Sharing

General

Target

59976ca102144088c496b500dabc6402_JaffaCakes118
Size

261KB
MD5

59976ca102144088c496b500dabc6402
SHA1

4db9f698c83dd90f64ec52f8cb6531f519ed3590
SHA256

c2a72abf1c553c4665ce8f7dadd5ba149341fb6dc4f024308c5fce281a12b9d7
SHA512

a3ae30e2bb3f966a0f0db0459df21328d523c785d81bc3ee78b02cea91ad2e39ba8f6b6c75e99066411dc11ec17e427e90db6fdcbbcb408bb9bd54ca50941027
SSDEEP

6144:VnZZS/5VRSzheRXReHL44nDWgRAkPsGQn8xID0DMFT/SEL61GGwxATtx7:mhRheHVR3PsGLxe0DUqEL61z3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59976ca102144088c496b500dabc6402_JaffaCakes118

Files

59976ca102144088c496b500dabc6402_JaffaCakes118
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

zGuardMulti

Sections

.textbss
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 253KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 336B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 73B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ