d5309d0270dfc1d58feb303c6e4cbc4d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5309d0270dfc1d58feb303c6e4cbc4d_JaffaCakes118
Size

18KB
MD5

d5309d0270dfc1d58feb303c6e4cbc4d
SHA1

cfea0a72fd8df5efaeaf460610daaca2cd72b6ef
SHA256

81b5aa3e759174e512ca8a61368c2a706b6da24f58982f5937bd007b14890878
SHA512

3ace516e7b2be6a797d05e5a42ba09c6883579855f085ff5e94baf007909d77556ffd62993ab8c4443dcb62d816dd8eb04c744d7918aeb59c95ec62102e31e23
SSDEEP

384:NU62Dh48ucYSCDOiRCDt/yGfKY6KBx2DSUr3guBhF1+24+dqB6c:/2q8mbrChfKY6KBx2DSuNhFbdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5309d0270dfc1d58feb303c6e4cbc4d_JaffaCakes118

Files

d5309d0270dfc1d58feb303c6e4cbc4d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

21c68b7f91102455a9bf13fc27709d50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
GetLastError
DisconnectNamedPipe

Exports

Exports

Activate
Delete2
DllCanUnloadNow
DllGetClassObject
GetModInfo
Install2
Run
Stop

Sections

.text
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE