c0f6d389219875dc7c95ede82b5c959c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0f6d389219875dc7c95ede82b5c959c_JaffaCakes118
Size

17KB
MD5

c0f6d389219875dc7c95ede82b5c959c
SHA1

6ca5b310f5e2570ba372c7cb779df0a237681c23
SHA256

1c7fc1436782fd6e04dcd80febe7aae4034ed99f6f6664ec8f0eee1fb43199c0
SHA512

fb24ff503ecb4f91f459095649df7497d8c738aef44af8ef93934c5128770c2fa7b1eb63c7f51f1d0152491d813d37312beb0e1ec5f42f1d9ea820bf299bba4b
SSDEEP

384:5r1RhCLtQpn4r8owSG3dBk1Z5GMbqkwz:pwJQpn4YMG8fGM+k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0f6d389219875dc7c95ede82b5c959c_JaffaCakes118

Files

c0f6d389219875dc7c95ede82b5c959c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1794003c480f5a71b6470a8f60a8c5b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
GetLastError
GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualProtect

user32

FindWindowA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ