7872a3c1e8b6f7b2db1a3dbda81eb2af_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7872a3c1e8b6f7b2db1a3dbda81eb2af_JaffaCakes118
Size

740KB
MD5

7872a3c1e8b6f7b2db1a3dbda81eb2af
SHA1

27672130d410c5146a22d7bd8f6599aced2513c1
SHA256

14e0715b2d740fab824423af8ac3250fc04682129d2d1c4b96a88069479956a3
SHA512

7ccdb1a78067db20ef00b0634e87b5f713b5cc4f066f7e3f198c5b8570d09d29ff14cd00cef1068d077e9dacaa7fcf0a76d57893f4d154655c42850ca34ddd41
SSDEEP

12288:vP+fBiRRGT1wvlA7iAMT06Sa824aiwawbeq9zV9q/eEu8Ri2rmtP+wQUqLDgpE/i:Opqswvno6xCaPbz1HqeEu8RbKh7QBEpX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7872a3c1e8b6f7b2db1a3dbda81eb2af_JaffaCakes118

Files

7872a3c1e8b6f7b2db1a3dbda81eb2af_JaffaCakes118
.dll windows:5 windows x86 arch:x86

cf3afa13cb4a38c3741b9573d5da93b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar

Sections

Size: 80KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xksmwnbh
Size: 654KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wewkwxhv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE