7861425d414bf9be4fc30b4639583a04_JaffaCakes118 | Triage

Sharing

General

Target

7861425d414bf9be4fc30b4639583a04_JaffaCakes118
Size

819KB
MD5

7861425d414bf9be4fc30b4639583a04
SHA1

9c8dddd57e53f2a567495baba970a8f0dbe4e1a4
SHA256

bb66b314d28eee664daece7edb5efd0a990a95c051a3815d27683b70dcf67973
SHA512

2011b74f28033f1848a68820b3fb9a2580fb15277a660e8f54c34c0789d85d4cd4a239784735210bf18ab1d2ec5accbd2766fd7bfbc658702a1d6189cdddcf7c
SSDEEP

12288:goKy4BFKb7Al6eyMa3B4jdtd9xuGXyznCp+LiO1iKB/rZW/vnEfU6raZR35bWM:Sl6eyMa3B0dtZ/y7vN1iG9evncn+Zt5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7861425d414bf9be4fc30b4639583a04_JaffaCakes118

Files

7861425d414bf9be4fc30b4639583a04_JaffaCakes118
.dll windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wlftexod
Size: 808KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

itysosgr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE