a2f290b16fa5bfb4c37dd79d613c32c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2f290b16fa5bfb4c37dd79d613c32c6_JaffaCakes118
Size

23KB
MD5

a2f290b16fa5bfb4c37dd79d613c32c6
SHA1

9030020d4b1497f21d4a77f9359576cef3438edf
SHA256

b12fa4061892996d8215b5b63422d9d8074ecf3ae4df52936358182d283683b0
SHA512

667859a46e2999b924cdfdc480a7305ea9419259bcc06f9ac6c1231a65da0c87f6e5bb88b8b0e014e9457bc575a5d89b69ea7b25d7902ff9afffd378ad749355
SSDEEP

384:MtDcObpBYdkSg8iULKiw138q8bmKas+/IiqF98vxUQnjAj:MRcObpBKk+RLKiwj0mKa4fFyvxZM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2f290b16fa5bfb4c37dd79d613c32c6_JaffaCakes118

Files

a2f290b16fa5bfb4c37dd79d613c32c6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ