8a0240aae3b902e9eeb52ca216c8b998_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a0240aae3b902e9eeb52ca216c8b998_JaffaCakes118
Size

20KB
MD5

8a0240aae3b902e9eeb52ca216c8b998
SHA1

90580d64a6eab5e4f748e25e97c0d1781d387591
SHA256

8f6e0eaefed5269fac6b94ebe58ce5429590feeb9dd5a9954199b3465e044826
SHA512

943fa92d50acc8acbc0b01cdce1725ed3e7a2f5988617c5107282a5d0da1ead435b3940711bb64b6795ce53d84b112b968d581ebfdb00b5a4720af5f90edd2a3
SSDEEP

384:WlXlSMP6OEFnCqGJYrQiE36J+Q3IWU/xMI8vG37Lrl7xvaEoDr9VnnEsXfO:YlSMPfEFnCVSgoLblvYXJlaj/9VlW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a0240aae3b902e9eeb52ca216c8b998_JaffaCakes118

Files

8a0240aae3b902e9eeb52ca216c8b998_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ