b5d952ef09218432e5b32a280a363866_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5d952ef09218432e5b32a280a363866_JaffaCakes118
Size

72KB
MD5

b5d952ef09218432e5b32a280a363866
SHA1

b191b56eeb1cbbd5978bdb63c0a58e2522d270e6
SHA256

2d5206a1e6757f6c8cb8a9ddedda79a06e35e6954963320cea7caeed4f705905
SHA512

de5fc16ee642dc30def5b661ab85f78295deaf73aa8b47a810049ceefb97177618b839d61910e83ca949f49881d2bb5310c3ab9645e7c60a6c191e542b520e9a
SSDEEP

1536:WuvHUcBFLIVAk75gUuUEoUBnTp2wE8KK:vccDLIavJp2wE4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5d952ef09218432e5b32a280a363866_JaffaCakes118

Files

b5d952ef09218432e5b32a280a363866_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8ae4b86caac7841109af25524232d266

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadContext
VirtualProtect
FreeLibrary
GetCommandLineA
GetLastError
ExitThread
GetStartupInfoA

user32

PeekMessageW
PostThreadMessageA

Exports

Exports

Awxeterlsgs
Qknquyq

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA21
Size: 3KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e4355
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ