631ec99d695c2d1cc9f73640ed514e20_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

631ec99d695c2d1cc9f73640ed514e20_JaffaCakes118
Size

21KB
MD5

631ec99d695c2d1cc9f73640ed514e20
SHA1

6cd72349d1a85aff1ef339824319cd4abb0d7c7d
SHA256

7f20bb52beb5b978c64701ba09c4114943b1afc0448548094ef26fd05008a63b
SHA512

3ffb6a4c4b207da3f05357f3ab3c84247fe80d56788d704638a3c7e1c7ff1a5f84d0632797a696d49425f88c9e87bde0095a9e4c0fcbb0e9249ba18c0f26259a
SSDEEP

384:p8AXHj2iCuUvZ7v9BgsYxCj8vI332BLwLJvdWnz37bljLGOlvfaTiUNVpTfk3JKM:p8AXaiKd9puC4vIn2NMR8zXxqOlv2hZW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
631ec99d695c2d1cc9f73640ed514e20_JaffaCakes118

Files

631ec99d695c2d1cc9f73640ed514e20_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ