6181e9402a8729d0da85d0d525cb9198_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6181e9402a8729d0da85d0d525cb9198_JaffaCakes118
Size

139KB
MD5

6181e9402a8729d0da85d0d525cb9198
SHA1

57eb983c42a324a19a8dc4370e856d14e19c1353
SHA256

fc36da3ac44fe90c9b157ecdcbd77f9b16da440308fc5c659b1d3811144e0479
SHA512

36bb4e723a073ea769b816a0ad8789f6f64bd2ad596075a65ae98176e0ab85157977a2aa555f29fc6a372c84cf96ce74bc0ab61a60e8a4e5ae8782633630dcc1
SSDEEP

3072:1K0cUX48d+AI4h8vwZoY0HWhNeRFRQJcsm/Tz9lDtTnwKc:1ncUIwdVh8vwH0HWSRBsm/Tz9PY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6181e9402a8729d0da85d0d525cb9198_JaffaCakes118

Files

6181e9402a8729d0da85d0d525cb9198_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b1631f367d0c49197c36a1bc0fcff3a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetModuleHandleA

Exports

Exports

febzgucphctarebunspxzq
lzpxtzpiieblvqhjpwod
vwqytavnwuqpsjduglrvx

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ