c8dc15135451b6d26e10ebcf1e6a57af_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8dc15135451b6d26e10ebcf1e6a57af_JaffaCakes118
Size

65KB
MD5

c8dc15135451b6d26e10ebcf1e6a57af
SHA1

d56a41505d506d453eafa402417a40d58a245d18
SHA256

e486de8e62510bcf9cddadf996c743d32747129285c3cc1545bdb9ac181633f2
SHA512

2f6226f035641338a84095b9a3910c6a2cc584cd21b9285168a1e1000e77ae36f94bcb7affa7f6e652f9b7b17ab23e076e9ea928114b16c4e2d71e89fd87efe9
SSDEEP

1536:Tyh5n+sRmR6RIdvudZME11Zc7vcTOOSK/7/G:Q5+4u6wSVU7vL+S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8dc15135451b6d26e10ebcf1e6a57af_JaffaCakes118

Files

c8dc15135451b6d26e10ebcf1e6a57af_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
inject

Sections

.text
Size: 47KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE