Static task: static1
Behavioral task: behavioral1
Sample: b87f5ed9a2945352590a23cd2181dfef_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b87f5ed9a2945352590a23cd2181dfef_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: b87f5ed9a2945352590a23cd2181dfef_JaffaCakes118
Size: 20KB
MD5: b87f5ed9a2945352590a23cd2181dfef
SHA1: f87ea87f61102d9d9dbbb9f9c2545c475d54ac97
SHA256: 1368c30f9331baeed2338d8f24a919502a1f53ec8e50a9da603c908c08269e88
SHA512: 034fb0b072611d5e97f01950e61302ec499f4e9b89c19a589a39eef3275306d326c4989ad242cf02f9a9dcbdbfeabd5e41e959b7cb3c064268e12ef04417c4d1
SSDEEP: 384:HGrL6AuTfO8ACSVUDem09QVQUFqfid8RD4LnB6JAYzcnemc3k:ajuT2n6em09SFm5D6213
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b87f5ed9a2945352590a23cd2181dfef_JaffaCakes118
Files
b87f5ed9a2945352590a23cd2181dfef_JaffaCakes118.dll .ps1 windows:4 windows x86 arch:x86 polyglot
88b2be634d94e89de38cd5a5cff6cede
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DLL
Imports
kernel32: GetProcAddress, LoadLibraryA, ExitProcess, VirtualAlloc, VirtualProtect, VirtualFree
gdi32: LineTo
Sections
.text Size: 6KB - Virtual size: 12KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 12KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
.aspack Size: 4KB - Virtual size: 8KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ