d348135c72853bafffe30972b0221f79_JaffaCakes118 | Triage

Sharing

General

Target

d348135c72853bafffe30972b0221f79_JaffaCakes118
Size

538KB
MD5

d348135c72853bafffe30972b0221f79
SHA1

da4d867b1695ad7850fc0947075e3b3707f1d074
SHA256

3574847782ff1e77f682995150bd9f4e121af458bd64ec4e33afd4cfaba32962
SHA512

7571588ed215a60da83d0452d2a746a7519ba86b11e36c76a36d976e6fc0d515c9068f98dd1cdab2e8c52e39048b2d9fb573a9cb77f78b618acf03534c4073d1
SSDEEP

12288:EltroECSOKbOR/q17TUlj2U3pJwqO01qbKTmxaNHbL54GBH4Px:Eltr3zOK27aYfwqODHAbL54T5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d348135c72853bafffe30972b0221f79_JaffaCakes118

Files

d348135c72853bafffe30972b0221f79_JaffaCakes118
.dll windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 34KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mbfedkyl
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yafxppub
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE