7017249620f8d0b83ff77339d6e94620_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7017249620f8d0b83ff77339d6e94620_JaffaCakes118
Size

93KB
MD5

7017249620f8d0b83ff77339d6e94620
SHA1

b2e110ed082b7e924d9020fd4bff018a7720cd73
SHA256

5c88114bb68de96dbff49ba5edeee85ae70bd4e9d72168a7b7e5948b7f7a7045
SHA512

e058bdf5ee2e0c32cf7ec54c967f5f4ce0829028aca9162a85f45fbf5bcb7a1c98cb6f3bab720df5f805290f8ff2427b0ba5c8f5662bc1fa679c2f72a7d1c53b
SSDEEP

1536:R2MJak50qzLYhF38xLIg2QaQUB7IDjzgMfdNgsd6NkWwOp0IXlehJgNvQp:02mB0Ig2ZchH6NkW72hJgNg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7017249620f8d0b83ff77339d6e94620_JaffaCakes118

Files

7017249620f8d0b83ff77339d6e94620_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1adeed875330df8e6c932b9c049d19e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceLanguagesW
ExitProcess
RtlUnwind
TlsGetValue
lstrcmpA
lstrlenA
EnumResourceLanguagesA

Sections

.sforce3
Size: 26KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ