b92136d3c6cee8585cf27a9d2bfcef11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b92136d3c6cee8585cf27a9d2bfcef11_JaffaCakes118
Size

24KB
MD5

b92136d3c6cee8585cf27a9d2bfcef11
SHA1

a6550233a69bfabe5004f8097e40b95b17cf22ab
SHA256

8b62d7bcd8bde94d30aa387f1b3fe70d2d1a3c93ed7e5018ceac4b2c4b269061
SHA512

748230e40dcd1974ba990df3b28ec51ef432a80fa597221718ce0b894be60ffd49a368e8e354c29f68d6254f7e83d7bcaeedacd11078c017c7946407a26e45d5
SSDEEP

96:cQ4XTojb4w3empnFJkNYPFqKFBKTMuIOp6oty1k1j093Eo:KXjwumpFuSdq+jBoU1u0eo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b92136d3c6cee8585cf27a9d2bfcef11_JaffaCakes118

Files

b92136d3c6cee8585cf27a9d2bfcef11_JaffaCakes118
.dll windows:4 windows x86 arch:x86

aeaa80ecf04fa64ad3f6593abe4fed70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

splctl

ord483
ord482
ord488
ord57
ord17

distbase

ord456
ord399
ord27
ord85
ord504
ord320
ord420
ord235
ord264
ord328
ord244
ord272
ord411
ord403
ord503
ord274
ord468
ord457

dbaccess

ord683
ord591
ord94
ord76
ord115
ord169
ord171
ord170
ord19

shlwapi

PathCombineA
PathAddExtensionA

mfc42

ord800
ord1253
ord342
ord823
ord1182
ord825
ord860
ord1168

msvcrt

__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
__CxxFrameHandler

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 414B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ