5fb372e2e9354f4eb056fb53078cac2c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fb372e2e9354f4eb056fb53078cac2c_JaffaCakes118
Size

19KB
MD5

5fb372e2e9354f4eb056fb53078cac2c
SHA1

30c3eb51741f8076c1de35be2a8ac637ea9757f7
SHA256

714c77bc48d7899aeccac2af4371e6c0fc81e4cf6f570e9ec63efef044de83be
SHA512

5a55258daa04f4119eefd2d9e70a6ed558c1a0a74096ce58751c445b28137c4a6a6113467f8f4f9d5269bdf77101b3aa04fdccafb812fc83d9c609a464f33d8b
SSDEEP

384:hVqWz9cYyCsAbKO+sSag/SCGDfHfcgYWh+ThYTrPZ0q9HjxaIc:hc018KSagwQHpThYT7THjxaI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb372e2e9354f4eb056fb53078cac2c_JaffaCakes118

Files

5fb372e2e9354f4eb056fb53078cac2c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6f8e77940284bde3f31b3832dc439c36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strlwr

Exports

Exports

input

Sections

.text
Size: 15KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE