675f24a86e712a281b7416b4982a984d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

675f24a86e712a281b7416b4982a984d_JaffaCakes118
Size

18KB
MD5

675f24a86e712a281b7416b4982a984d
SHA1

0a12816a5a6ee0410f7053e1128a2e769c2e57d2
SHA256

0e62d568cda031739296ead497e00dbc5f132e8408e01a0048d5d7bf64729d56
SHA512

103cca065203b55136ab57aa2eb5bd00bd055fede7522d69d5c607fba500b1dc960ca1851fe9b1a686b1a02e7a6257d6741b0d72a66492fc21614e1bfd832a2f
SSDEEP

384:IQ91xqKWGaAbguzoSleH2kUNgahFqRhJLk8HF7Mzq8NV0gt:9pqEaAb6S2k+I4gqlg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
675f24a86e712a281b7416b4982a984d_JaffaCakes118

Files

675f24a86e712a281b7416b4982a984d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c1f8dce0359a302284d52a7ed373d7ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_stricmp

Exports

Exports

input

Sections

.text
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE