ac5b6fe13591aedb2058f07aadb81320_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac5b6fe13591aedb2058f07aadb81320_JaffaCakes118
Size

85KB
MD5

ac5b6fe13591aedb2058f07aadb81320
SHA1

f02e6cd0bc4389cd853736244b5ab493ce9ad903
SHA256

e45d55f14d84de053b6976b4b0c5733969103db1fa0d5823657af30bc54a8a76
SHA512

fe9a527399f6091665a54caa329cf5892e67a0f477d36f7431e5c14ef8fa350913602d1376ac58f85fd982935e7ec691b0b72261d1463af460d3562017aa7cd0
SSDEEP

1536:1ADwYWSfyRVNFFGHIGcN5ijdsjfyXA2JwTcLlG+Oo43yT8R:1qP14VRGHyNsqyXA+M+OCM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac5b6fe13591aedb2058f07aadb81320_JaffaCakes118

Files

ac5b6fe13591aedb2058f07aadb81320_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

sityp
sitypnow

Sections

.text
Size: 56KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE