886b987b0252fbdb18ce3611bf2bc857_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

886b987b0252fbdb18ce3611bf2bc857_JaffaCakes118
Size

515KB
MD5

886b987b0252fbdb18ce3611bf2bc857
SHA1

1c665828c0c5204ad271d64c7615083a15282478
SHA256

1d12aeeab178af11119f95d5d9a95f4f86123d7467ecb5005b01a06cfa09f724
SHA512

2251b676d21dbf3ec5f9124542e48af8c3b7d78f16847b6ed8baf81efcdd3f19bdf61b9ff34000612685893f64f16abb043e923792ef233ede9572bbc7dbb106
SSDEEP

12288:njCWXnBB1Ia/zrP1gqN/j8FUDMSMT9puHI+jCWXnBB1Ia/zrP1gqN/j8FUDMSMTd:njC2nBBaarLtdtZHI+jC2nBBaarLtdti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
886b987b0252fbdb18ce3611bf2bc857_JaffaCakes118

Files

886b987b0252fbdb18ce3611bf2bc857_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7ebcf56acccb085b50ca7680ac31b455

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA
GetModuleHandleA

Exports

Exports

GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA

Sections

.text
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 363B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ