734d778184ff66fc9168ee87c6a4920e_JaffaCakes118 | Triage

Sharing

General

Target

734d778184ff66fc9168ee87c6a4920e_JaffaCakes118
Size

112KB
MD5

734d778184ff66fc9168ee87c6a4920e
SHA1

9b47d0e0e7ad994274b3e438541c11b6884c3913
SHA256

d2c02c56b347d9efcc89c60e23c01296e84e35f3266968296124c39e15f958df
SHA512

a1f6c284e4619aa3d4c0235c69efc555a2652209847d64e4ee78024e0f17bd2926ccdd053df7f4d903ed12280ebbe3117335b0f5f207a3c434e0016c67fae201
SSDEEP

3072:vBQmP9Xi2lThrMjCPdjc8QMmNkxF6ERFedYHe1lD:ZQmVXqjAjcNMmNfoHe1J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
734d778184ff66fc9168ee87c6a4920e_JaffaCakes118

Files

734d778184ff66fc9168ee87c6a4920e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

WlxShutdownEvent
WlxStartupEvent
t

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ