d3a24d838e0d7b9fd8605e6fba4afecd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3a24d838e0d7b9fd8605e6fba4afecd_JaffaCakes118
Size

3KB
MD5

d3a24d838e0d7b9fd8605e6fba4afecd
SHA1

49cb1effb07927d87c72039880b10a63d5bbfd2f
SHA256

d692ebf8ff7b63ed64fb4168e5423781759168e5bf197c83f9521370476716d9
SHA512

4a31b0e960ff01b292bdb4ea1ddc8e47425f09467dbae3daaa56e9f15adc1505c8e0e3f6a2763e6681005a83dc318e3d0b409c70c58b2205e578761273440da1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3a24d838e0d7b9fd8605e6fba4afecd_JaffaCakes118

Files

d3a24d838e0d7b9fd8605e6fba4afecd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0b69d5093becb476150c8c4a428dc314

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetProcAddress
GetModuleHandleA
lstrcmpiA
FindFirstFileA
FindNextFileA
WideCharToMultiByte
FindFirstFileW
FindNextFileW

msvcrt

_stricmp
sprintf

shlwapi

PathStripPathA

Sections

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ