db62e098efab8aa8f5f88f5de05a1c7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db62e098efab8aa8f5f88f5de05a1c7d_JaffaCakes118
Size

22KB
MD5

db62e098efab8aa8f5f88f5de05a1c7d
SHA1

7cb7bda0db70530042afb5c06a811d1706d6f247
SHA256

ee4a8e4ea03b0ab9addb1646bf0db55f9b7dd50bc49888477046f2f8a471621d
SHA512

11e69c15d61970beef9e16494f5c8cbdf56e7af444e6bbd311f2919d07e2af7180908340067b319600ead7581dc6568a76e6ba6b0114b2711ec18ba43f7571c7
SSDEEP

384:4KCEVd17u4C9VQkiUxfRZpH0cRoxM99BPoIFA2gPE7hA4:4peo99i4/w8PoIK2gW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db62e098efab8aa8f5f88f5de05a1c7d_JaffaCakes118

Files

db62e098efab8aa8f5f88f5de05a1c7d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7632b18a88b6df43ae18e3614ca026bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
Sleep
lstrcmpiA
lstrlenA
CloseHandle
lstrcpyA
GlobalAlloc
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateThread

Exports

Exports

Load2Graphic
StartVideo

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ