dadb5744e7d640c26c523005db9f9fec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dadb5744e7d640c26c523005db9f9fec_JaffaCakes118
Size

132KB
MD5

dadb5744e7d640c26c523005db9f9fec
SHA1

0ad85009646c059da03c59992a54c58537c34a2b
SHA256

45a84ecb54096e81951dd52f544413aeb9165422b843687fd716d7a5fdf3c23e
SHA512

aff4269f843e0749c4bc19ab422bf7cb51665c2fa6aa1a8ce2182f313da208ab470244eeb1733311124b39ef931f40ca6cba9f66519daa1b685dd54e49ff70a8
SSDEEP

1536:qJlHZEgy2AEEEwNy54QKHcODQONc8+P93GFoFH32FmlD9/mmTIRh+HDler2vRvMM:Ngy23GJHr3cnPJgk2gDRdTXH7vRvZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dadb5744e7d640c26c523005db9f9fec_JaffaCakes118

Files

dadb5744e7d640c26c523005db9f9fec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d71ff74ccfe699004afc74c243196b27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

fdsksd.pdb

Imports

advapi32

AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetFileSecurityA

version

GetFileVersionInfoA

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ