5da6a3f63cea66aa38c4bf16a9aa8e0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5da6a3f63cea66aa38c4bf16a9aa8e0f_JaffaCakes118
Size

21KB
MD5

5da6a3f63cea66aa38c4bf16a9aa8e0f
SHA1

8c446a9a8d302e9a1a2662de4baede9d58a06fe3
SHA256

cbce012b9f24eb5a7ed5cd542ec74c671ea0e82adc8af31d300a177f133918df
SHA512

9d8c1d080460839967b18508fdc438b9a90f425389f0f25fc5cd4c7e9ff921f070acc11b4208573c7d9901592e51580a8d49b0d69d6ed25a9f18114049bc3aa1
SSDEEP

384:BaJ7zZM+NPrSmL/MMPjZflAIgfqRgLKW8vn8eYmBD+fR6:BaMMPN/MMPVC4gGv8epDL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5da6a3f63cea66aa38c4bf16a9aa8e0f_JaffaCakes118

Files

5da6a3f63cea66aa38c4bf16a9aa8e0f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ