678afcb6e5568390b93d9d66c1dcacb8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

678afcb6e5568390b93d9d66c1dcacb8_JaffaCakes118
Size

876KB
MD5

678afcb6e5568390b93d9d66c1dcacb8
SHA1

4e88d893598e4e8f717f4fe9965d62c8cdfb749d
SHA256

96688993b000e6da5749fec14c2e8df364ac36989fc00f0ca5b0edb3acb423f3
SHA512

a34af7b5587720cf983c4c379cee1e0dde4f6380d4c0bea427277d296054d2cdd8812a1192215aeb165d40a6c9d223718103d1519962fa69138d67bfe5062f22
SSDEEP

24576:pN/KX/SVvbcS0NzyMQE3l6qP7OvhMSkX:rKXhS0NzzQE3F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
678afcb6e5568390b93d9d66c1dcacb8_JaffaCakes118

Files

678afcb6e5568390b93d9d66c1dcacb8_JaffaCakes118
.dll windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eylfxupy
Size: 862KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ywzotjfc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE