baf60e866dea54ee5c1a62b20c47b5e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

baf60e866dea54ee5c1a62b20c47b5e3_JaffaCakes118
Size

21KB
MD5

baf60e866dea54ee5c1a62b20c47b5e3
SHA1

decf3fea8245f357b1f8df30e90e195423aa0cb2
SHA256

531d90fc2ca5ccf8ae26510be9ba00bcf1699dd1eaf140ce02b5305eca0532c3
SHA512

3d43f0119e66ca454f9d9974a7833aa75304bb5a00c413b5a6d2878697520c7f44aa63975e0a21d6375914fbc0812248da67cf0525a6997a1e520db75305cd08
SSDEEP

384:S9D8wodKqjVEhp4J7A0I0wHQH3SBuEWO7Dej8v2Mt33gQn4ubD35H36nq+rL33Qo:S9DPoMqpEP4JPlXSBvZHXvRt3QQnhbDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
baf60e866dea54ee5c1a62b20c47b5e3_JaffaCakes118

Files

baf60e866dea54ee5c1a62b20c47b5e3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ