8a488ae24020e9b8f8b1c5d515023d35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a488ae24020e9b8f8b1c5d515023d35_JaffaCakes118
Size

23KB
MD5

8a488ae24020e9b8f8b1c5d515023d35
SHA1

6418e6fbd145a5a78921838d429eab7c722d0771
SHA256

044ac71cdf241a192901cc7ad762aae718281fbcaec7b9c98dae1246cf59bd26
SHA512

6b1188bab3b18b55750cb55f43407fd6634cba279392995bc41781ae050d73d523fd45ff0fbf66aa1884f8b2eff0413de2410c55e12763fe2c48b4eb1730962c
SSDEEP

384:uD0rroSmpzwrFqFEcFl52p/3HaCDztaxL3DJPA2jZN+4nUxJhAH:uDt92AEOY9HrzwZJI2jZtnW0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a488ae24020e9b8f8b1c5d515023d35_JaffaCakes118

Files

8a488ae24020e9b8f8b1c5d515023d35_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ