5e6fdc22506a0a9bae2f3dcd28dcf2bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e6fdc22506a0a9bae2f3dcd28dcf2bd_JaffaCakes118
Size

54KB
MD5

5e6fdc22506a0a9bae2f3dcd28dcf2bd
SHA1

f2c4d64a7e24d83627d6002584d6b11a5e33736a
SHA256

68ebb05cfef90dc16ef60b27027b049fbe4c932182f1bebea75897df2dc3ec5e
SHA512

d24e960951c3214581729809efa2821a643a7524545f17758577972e266e36a7bd9dc99784ecb2d8ac07ce1d05e16e9ce20b9218e7f6bb3c1b34fdcd41451e72
SSDEEP

1536:jBl2nlsxVLtlsrRHg/eDHHJzI8jmXfHtMgp9:v2nlSVLviR7bHJzTjmugp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e6fdc22506a0a9bae2f3dcd28dcf2bd_JaffaCakes118

Files

5e6fdc22506a0a9bae2f3dcd28dcf2bd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3acd1a9b64cde6bc91dd97c322e25999

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

shlwapi

SHGetValueA

user32

LoadMenuA

shell32

ShellExecuteA

Exports

Exports

GetVersion
SetTIcon
inst

Sections

.text
Size: 46KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE