a2b9a94ac25c1cf4f1da650177680aea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2b9a94ac25c1cf4f1da650177680aea_JaffaCakes118
Size

50KB
MD5

a2b9a94ac25c1cf4f1da650177680aea
SHA1

1062bb20228ecdbddc8d5d5185404b19ed626689
SHA256

9f381b0e881fb2fe1ded4ab4edcf9a12d601a1523024ee167121a4b26a46d66b
SHA512

89e59a485a4aa66f619efd8dba424b5dea0498cb0d03d2d4375ab0f895bd5d776a2a352515a3056bb9ecd6df0576ce0e733ad723f9dad34d4fd55f26947f67c3
SSDEEP

768:me6faaxFsT+SgxjHuH/ZqDcnZ36a8itwav9RKnFn87Gftk5CJZG9iG:Caanwg1uQDuZZmw0R87ebJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2b9a94ac25c1cf4f1da650177680aea_JaffaCakes118

Files

a2b9a94ac25c1cf4f1da650177680aea_JaffaCakes118
.dll windows:6 windows x86 arch:x86

8613e1a27eebf3b9f57832ccb37bf690

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileMappingA
MapViewOfFileEx
ExitProcess
MapViewOfFile
WaitForMultipleObjects
IsProcessorFeaturePresent
UnmapViewOfFile
VirtualQueryEx

Exports

Exports

CreateProcessNotify
dvdptvol

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ