a1297511444b8d705eebbfb4b92b5556_JaffaCakes118 | Triage

Sharing

General

Target

a1297511444b8d705eebbfb4b92b5556_JaffaCakes118
Size

60KB
MD5

a1297511444b8d705eebbfb4b92b5556
SHA1

a38b4c2e29772b9e313822549c08061c75cb6238
SHA256

6a4152b52ba7cb32860b013af7e3dbc10ae925a3638950073994d7e9c86fe8f6
SHA512

a492821e50aec205dfecc45919bc85ecc8757e2874461d4efba4eee6af4c46d33e44cfdb12a0a84f8384f1c448e3d8c048c1a01666e890fe62b8584be62cb2a0
SSDEEP

384:m/Ze5Q9KaonyYWQZKtUkwDiTis3/QkS1Xli+OsrCMj2vYSyqpxi:m/VKzyYWqKSIisor1Xl6sOK2vtRi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1297511444b8d705eebbfb4b92b5556_JaffaCakes118

Files

a1297511444b8d705eebbfb4b92b5556_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllManagerReadProcess
LoadVantiDll

Sections

yysscc0
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yysscc1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yysscc2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE