84e83f4cfaad80524238b9ee3bec2d04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84e83f4cfaad80524238b9ee3bec2d04_JaffaCakes118
Size

108KB
MD5

84e83f4cfaad80524238b9ee3bec2d04
SHA1

c36d7f3181bba19039c4dc56bff8f48d265f4d93
SHA256

ee03b56d84017b1108c0ba3f2c0db0a0979725a415ca0cbf1b00760b6a481bbe
SHA512

db025d42a64c23ebdde4391301af759a0b776fc5a9fdb6b60a61255b5448497884c4b8359c0da4c29e6a7130dfdbb11cf1af2c8b9693358a80a487006999bc61
SSDEEP

3072:bbIzP1y0SiQO6Xo4ft9dkk7O0hQDPJ3wYh:bbtTHO74l9dLzGWE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84e83f4cfaad80524238b9ee3bec2d04_JaffaCakes118

Files

84e83f4cfaad80524238b9ee3bec2d04_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5762f416d0c1513248267b38fa7f96e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FreeResource
TlsSetValue
WriteFile
CompareStringA

Sections

.sforce3
Size: 24KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ