a5753be34addb7feb6b6cc8928d43c5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5753be34addb7feb6b6cc8928d43c5a_JaffaCakes118
Size

87KB
MD5

a5753be34addb7feb6b6cc8928d43c5a
SHA1

5b9482384a2c1451d7df7db99fab49eed54ae38e
SHA256

add1cae80abef0008460cb8bc5f48523bc27ba51b119b9e5e3d8ac17d3ff6667
SHA512

351cbc9ea814095cc1a274c303132a4a9f44b3cba053488c52b4b72cdb5d4c57dde8e7341d471ed7f05335a191c1a19f6d14e929e814b238836bf0f5657b9184
SSDEEP

1536:kqnKq+0P9aXRiYOS8rcaOXsCXP0YK6/ArtWXB57OsLt+EcvD67rGVNiNzL:RnRn9KdhfN/qta7eP7gGVNiNzL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5753be34addb7feb6b6cc8928d43c5a_JaffaCakes118

Files

a5753be34addb7feb6b6cc8928d43c5a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

acdc79cf78b1d6e6faa291b1739b7e5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
VirtualAlloc
GetModuleHandleA
ExitProcess

Exports

Exports

RELOADED1
RELOADED2
RELOADED3
RELOADED4
RELOADED5
RELOADED6
RELOADED7
RELOADED8
_RELOADED9@20

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RELOADED
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RELOADED
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ