831f49222ee1ee34e3ad11cb27ed7466_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

831f49222ee1ee34e3ad11cb27ed7466_JaffaCakes118
Size

13KB
MD5

831f49222ee1ee34e3ad11cb27ed7466
SHA1

2ab22e41fa4a485f63af0a5a8f324d8c09a22a6f
SHA256

8fa8e0ae4c41d5ef364377ceb88f87baefaed23e6908d91b8aefc28becee0ed8
SHA512

cdbf721be30f4f9c1715382dfbce4b74eb1a4bb7545cc0609bd2fb47bda85a681ff9b12f3b4902df159305c928ab4d06e279d9cdb5f447e8777a713268ee1efc
SSDEEP

192:EV23+awhaomGbbupVqYV1s0ya7iHML3ZSYT5MqscRR2CDlnukVRfqc5ak9TTYLo:EE3F2HbuhsuiPWMilnfRf3aktW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
831f49222ee1ee34e3ad11cb27ed7466_JaffaCakes118

Files

831f49222ee1ee34e3ad11cb27ed7466_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7c36b0a9fbab0c9e5106fa1b564d3944

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcr100

__dllonexit

Sections

.text
Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE