cfedff83d7b923fee9dca2bb8d92e89d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfedff83d7b923fee9dca2bb8d92e89d_JaffaCakes118
Size

37KB
MD5

cfedff83d7b923fee9dca2bb8d92e89d
SHA1

e301f8ad59c6a6e389e1a6fbd05dd5c6f105e50c
SHA256

a274e22eafc491af4783b075de01af33e2c75e390a7143fc70cd0514f9b2f007
SHA512

1c53f1260f43478f71a82321208cbc04b087f30978425c9bcc3abe3d8973f68ffb32a4e418090185ac30310dc8e31255eabed3730fbcc1dee85213c35378a53b
SSDEEP

768:VBCh0ZvG+/3RHfgZn8Hfvi/UgO7PgO7N0ce8TEuybzGr5rZatOql4uX89X3:O0rJYS/I+PtRk8TE3BI39

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfedff83d7b923fee9dca2bb8d92e89d_JaffaCakes118

Files

cfedff83d7b923fee9dca2bb8d92e89d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c39919b4d420560de8376e19b5adf5dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

tier0

Warning

Exports

Exports

CreateInterface
cvar
g_pCVar

Sections

.text
Size: 32KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE