d3c2547252532e3941069f5ba43e65b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3c2547252532e3941069f5ba43e65b3_JaffaCakes118
Size

116KB
MD5

d3c2547252532e3941069f5ba43e65b3
SHA1

ac1b4384e0af62eb34fac8d5ce0683a641509a13
SHA256

3d39279412c33611e79cc5849702d42122161a4cb7bbe934b40319895aea94f7
SHA512

ada7cb53fc09ff08703bdfc9775bf9fd36dc2a77983e40942ef0d66394cd41fdc03010f3a7b890f3383c7595dc8dceff06df0da08806fc92b3d1620f84679fcd
SSDEEP

3072:7H0Sz02Cc5uMbXyyM4IR1suXX+bfw2uhaiu8mnvMbCdx9EZB:7nB5bbJMLLbVN/mvOcxOT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3c2547252532e3941069f5ba43e65b3_JaffaCakes118

Files

d3c2547252532e3941069f5ba43e65b3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d71ff74ccfe699004afc74c243196b27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

4fbdsv984o.pdb

Imports

advapi32

AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetFileSecurityA

version

GetFileVersionInfoA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ