73e9734aa25f470c0c33e92963128c63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73e9734aa25f470c0c33e92963128c63_JaffaCakes118
Size

93KB
MD5

73e9734aa25f470c0c33e92963128c63
SHA1

06436bb06927c115f0d45310a5e58fd7ed1608e9
SHA256

c168e400df29e8112c70c942338a3ba0dfc808931767666d12ed5dd0ff9e470f
SHA512

6daf45d0bf40f8fc612b169ffda37f76c53007652f179a4c49077b52a895e55f8cf92ff20f3d37ede28122f70468f3562fa1126c61d82f4862f282b3d6348a04
SSDEEP

1536:0+XSD19E5DBGSJ2vxu2mloku5fu9xvsMSKisBjVqQ4XZS:0+X69E5t52ZT6pUkHSdBQ4XZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73e9734aa25f470c0c33e92963128c63_JaffaCakes118

Files

73e9734aa25f470c0c33e92963128c63_JaffaCakes118
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 80KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

whdxpkbr
Size: 680KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wddzkfvt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE