d025e54a3b0a0520e1966f6487e1cd44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d025e54a3b0a0520e1966f6487e1cd44_JaffaCakes118
Size

40KB
MD5

d025e54a3b0a0520e1966f6487e1cd44
SHA1

49ccf51a61850833a39f6a778bc6bdc894e43789
SHA256

159a495b7215c8cf980effae486e14a3be00f4f3b6d4bea5cdf3dc15f3f2d41e
SHA512

2ac15e7a043eb3a2cbe268bab6db06ab1f6a8e2c2a6496a50db29be5a1c8c6f9f456ac4aedb54b184438f0d10408aab671d4427a7bb1583f152b469d121a9d01
SSDEEP

768:5iIFvsCd2l/6QIdzFREeZnqogMprYzKi662/Octz5hWVW2Wt8ff:zFL2lA3RZtvpOKio/OUlhetWuff

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d025e54a3b0a0520e1966f6487e1cd44_JaffaCakes118

Files

d025e54a3b0a0520e1966f6487e1cd44_JaffaCakes118
.dll windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

_TEXT
Size: 34KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE