aa024dbcaf238d95b0b3679d4f51d5e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa024dbcaf238d95b0b3679d4f51d5e2_JaffaCakes118
Size

102KB
MD5

aa024dbcaf238d95b0b3679d4f51d5e2
SHA1

be1d17cd37e794319104815825d278b9b8143812
SHA256

336723121d0f8af268846ce9b563c51b26f91e64649319272787f3257c85f7d8
SHA512

0fc9fc643c2a755f38e022656d3359a9e1a383137f7b8fc9170a966e00d7c1bddf2fdc408a451ee809e4654c44314e5f2fc56e950ec6502941c5c4d370885dbc
SSDEEP

3072:yfwLeaNE1Vc/LU/Sw8Wp0jU27LwEa66lw8Q:8Ppp0jF7khQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa024dbcaf238d95b0b3679d4f51d5e2_JaffaCakes118

Files

aa024dbcaf238d95b0b3679d4f51d5e2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6ec64d18033213456652f4669c09eafa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceTypesA
ExitProcess
FreeResource
GetPrivateProfileStringA
LoadLibraryA
MapViewOfFile
RtlUnwind
UnmapViewOfFile
lstrcatA
lstrcmpiA
lstrcpyA

Sections

.text
Size: 27KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ