dba4bfb8041410c41f588d16fa63b34b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dba4bfb8041410c41f588d16fa63b34b_JaffaCakes118
Size

104KB
MD5

dba4bfb8041410c41f588d16fa63b34b
SHA1

4a985a946c03d1e84bbf330a211322a6d966459d
SHA256

2f0db85d4a1a2e53d054cb8e44ec22785bf84cc5d5721b3a090ca1e663b72ed3
SHA512

6a01f4611fa8a5b1fb085e141e1ceaab2f5856a7e269e89e1f369458f59c3afe5cd25dc40de31c527283a4c512b8c9fe2e16c5c7a344dc23294a6323b7894efc
SSDEEP

1536:jFb/gIdEvn2AcF64FRr5sdPTHtz1Eu0oqcHrjXastRkrtLPWLnSy/:jFVd8nOYQ5sdTtz1Eu93H3bOtCL/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dba4bfb8041410c41f588d16fa63b34b_JaffaCakes118

Files

dba4bfb8041410c41f588d16fa63b34b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

47b95eaa8a92898962a601a6fb44ee48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

kernel32

DisableThreadLibraryCalls

Exports

Exports

RtvEBlockQuery
RtvEDestroy
RtvEncodeBlock
RtvEncodeCreate

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE