739374e559bc3f5031bc662b54e947a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

739374e559bc3f5031bc662b54e947a1_JaffaCakes118
Size

144KB
MD5

739374e559bc3f5031bc662b54e947a1
SHA1

28f9199e619d5cdb39a0395243d18381ca24d5fd
SHA256

f375a033d928556c6a60a2d4bacfafb5bfb88446ea62e9cbae176ac34143f385
SHA512

4e749b00d00b322a26f9bac5c565da99c7f6938ef93c73fc7bfe468a87afc294623c28531b903b727ef4221f38f81ff277e81f5b32bf4589d426486fda3c0ed2
SSDEEP

3072:1K0cUX48d+AI4h8vwZoY0HWhNeRFRQJcsm/Tz9lDtTnwy+FRsqu:1ncUIwdVh8vwH0HWSRBsm/Tz9PTSRru

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
739374e559bc3f5031bc662b54e947a1_JaffaCakes118

Files

739374e559bc3f5031bc662b54e947a1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b1631f367d0c49197c36a1bc0fcff3a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetModuleHandleA

Exports

Exports

febzgucphctarebunspxzq
lzpxtzpiieblvqhjpwod
vwqytavnwuqpsjduglrvx

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ