cf4fd5c54c87343c4459367216a6905b_JaffaCakes118 | Triage

Sharing

General

Target

cf4fd5c54c87343c4459367216a6905b_JaffaCakes118
Size

21KB
MD5

cf4fd5c54c87343c4459367216a6905b
SHA1

96f017a0c62e635428def26145aed151ee336c94
SHA256

971235a70faa4853762c8d41cc9244b76fca6e8e8a0d249f767b8f6ff70f54ff
SHA512

f1addc2a8370befec91e6d212ca2a4b9d729b3cb2c6ba25f44834f3fbe05c1347f37d9f2651d5c21bbdc101fe6457a552a94578991ad216a957ef605420c94ea
SSDEEP

384:NKs678JOPQO9G18joj2lqG4whIi5jyhc7FjM8v3n9Sp88Da14ITbR04wm0zUfRoY:NK1dJG2jo40whIS7LvX9Sp88Da19T10m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf4fd5c54c87343c4459367216a6905b_JaffaCakes118

Files

cf4fd5c54c87343c4459367216a6905b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ