6838f603e2146d46dea46a42853059dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6838f603e2146d46dea46a42853059dd_JaffaCakes118
Size

23KB
MD5

6838f603e2146d46dea46a42853059dd
SHA1

842e19cbfb82b680800645ec913b3da49ea43e59
SHA256

92036f4f0b22f4468ba1b525ca88913affd0c263bf39b108695f73d198e4c4e2
SHA512

201d9059410ac8e875b3c915c8ec0640fefe6f76d8cd96b5e413f46eeeda74af40501b6b7ee8c58c34524c755191e6980e5055f181ce9c5a2036bd4f72be50ab
SSDEEP

384:MisL1qYDXOfWUbqFjgncNe+NdIoMKA23r8G/UPEfhA9dE:zkRDXmhE8ncbzY23Qg85E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6838f603e2146d46dea46a42853059dd_JaffaCakes118

Files

6838f603e2146d46dea46a42853059dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ